STIX 2.1 - A More Robust Approach to Intelligence Sharing
This White Paper highlights the exciting improvements with STIX 2.1 and its value as an exchange, interoperability, and transformation standard.
Even the largest enterprises and governments must work together as the only viable way to get ahead of the threat. Central to this happening is having a robust means to share cyber threat intelligence (CTI) information. This requirement drove the creation of the Structured Threat Information eXpression (STIX) language.
Since its introduction in 2013, STIX has become a mainstay of intelligence sharing. However, its first releases were limited in communicating anything more than the basics. With the new STIX 2.1, CTI analysts can now convey higher-level concepts like context and relationships in a standardized way.
From this white paper, you will learn:
- The essential updates with STIX 2.1: streamlining the number of objects, improving data transfer efficiency with JSON, and improvements to community knowledge building.
- Explanation of STIX 2.1 STIX Domain Objects (SDO), STIX Cyber-observable Objects (SCO), and STIX Relationship Objects (SRO).
- What it means to be fully interoperable with STIX 2.1.
- Putting STIX 2.1 in perspective as an interchange format versus a data model.