STIX

Structured Threat Information eXpression (STIX) is a free, open-source language that allows users to share and analyze cyber threat intelligence (CTI) in a consistent, human-readable format:

Purpose

STIX is a standardized language that allows users to share CTI in a way that can be easily understood by both humans and security technologies.

Features

STIX is flexible, extensible, and automatable. It uses a JSON-based lexicon to describe threats in terms of their motivations, abilities, capabilities, and responses.

Benefits

STIX allows users to share and analyze CTI easily and consistently, which can help them understand threats and act proactively or defensively.

Community

STIX is a collaborative community-driven effort that welcomes participation from anyone interested.

Integration

STIX can be integrated into existing tools and products, or used for specific analyst or network needs.

Transport

STIX is often used in conjunction with Trusted Automated eXchange of Intelligence Information (TAXII), a transport protocol that supports transferring STIX insights over HTTPS.