STIX (Structured Threat Information eXpression) is a standardized language which has been developed by MITRE in a collaborative way in order to represent structured information about cyber threats. It has been developed so it can be shared, stored, and otherwise used in a consistent manner that facilitates automation and human assisted analysis.
TAXII (Trusted Automated eXchange of Indicator Information) is a collection of services and message exchanges to enable the sharing of information about cyber threats across product, service and organizational boundaries. It is a transport vehicle for STIX structured threat information and key enabler to widespread exchange.
Why is it important?
STIX and TAXII allow transportation of threat information among IT security and intelligence technologies. Re-aligning IT security efforts based on real-time information exchanges between government, commercial suppliers, non-profit efforts and industry partners. One organization’s reactive, is the other’s proactive.
STIX and TAXII are open community efforts sponsored by the U.S. Department of Homeland Security are heavily supported by MITRE corporation. Enjoying global adoption, the industry will need to continue to work together and build upon this platform to make STIX and TAXII standards we continue to rely on.
STIX and TAXII make it easier to share and collaborate within your sector, community or with partners, which in turn creates true Cyber Intelligence communities.
1. Read About STIX and TAXIIMITRE and the community have consolidated their documentation on Github. Find STIX documentation ... Read more
2. Set-up your TAXII server and/or clientEclecticIQ has released an open-source TAXII Server named OpenTAXII and TAXII Client named Read more
3. Transform your Intelligence / Indicators
4. Lift off!
Congratulations! You’re now part of the STIX and TAXII community. Talk to you on the mailing lists or contact us at firstname.lastname@example.org if you need any further assistance.
Prepare yourself for STIX 2.1. Read the White Paper "STIX 2.1 and Beyond".
Our public TAXII collection contains all structured data that is included with our Analyst Prompt publications. Please refer to our support page for guidance.
STIX and TAXII in action
Like to know more about exchanging CTI in STIX 2.1 over TAXII 2.1 compared to a conventional - non-standard - format and transfer protocol? Our experts are more than happy to share how cybersecurity teams within Central Government, ISAC, MSSP or Large Enterprises organizations benefit from this core capability within their cybersecurity technology stack.