OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

members message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: STIXâ V2.1 and TAXIIâ V2.1 OASIS Standards are published

The leading standards for representing and sharing cyberthreat intelligence are now OASIS Standards,Âpublicly available for download and implementation.

OASIS Members and all interested parties,

OASIS is pleased to announce the publication of its newest OASIS Standards, approved by the members on 10 June 2021:

STIXâ Version 2.1
OASIS Standard
10 June 2021


TAXIIâ Version 2.1
OASIS Standard
10 June 2021

The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. The work was based initially on three specifications contributed by the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information _expression_), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable _expression_).

Structured Threat Information _expression_ (STIX) is a language and serialization format used to exchange cyber threat intelligence. STIX enables organizations and tools to share threat intelligence with one another in a way that improves many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

The TC received 11 Statements of Use from Accenture Security, Anomali, Avast Software s.r.o., CISA, DarkLight, Inc., EclecticIQ B.V., Fujitsu, IBM, New Context, SEKOIA, and Trend Micro.

TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It is specifically designed to support the exchange of CTI represented in STIX, but is not limited to STIX.

The TC received 9 Statements of Use from Avast Software s.r.o., Celerium, CISA, Cyware Labs, EclecticIQ B.V., FreeTAXII, Fujitsu, SEKOIA, and Trend Micro.


The OASIS Standards and all related files are available here:

* STIX Version 2.1

Editable source (Authoritative):Â



* TAXII Version 2.1

Editable source (Authoritative):



Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specifications and related files in ZIP distribution files. You can download the ZIP files here:

* STIX Version 2.1: https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.zip

* TAXIIâ Version 2.1: https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.zip

Our congratulations to the members of the OASIS Cyber Threat Intelligence (CTI) TC on achieving this milestone.



Chief Technical Community Steward


+1 201-341-1393

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]