- Cyber Information Exchange Profile
- The Cyber Information Exchange Profile provides standards are used to exchange information about cyber threats. Structured Threat Information Expression (STIX) is an information model and serialization for cyber threat intelligence (CTI). By allowing the consistent expression of CTI in a machinereadable specification, STIX supports shared threat analysis, machine automation, and information sharing. It enables use cases such as indicator exchange, management of response activities, shared malware analysis, and higher level threat intelligence sharing. Trusted Automated eXchange of Intelligence Information (TAXII) is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It defines services and message exchanges that enable organizations to share the information they choose with the partners they choose. TAXII is designed to transport STIX Objects. Some of the important use cases are data feed providers such as an intel provider trying to share what indicators they see for threats, and sharing that with either Threat Intelligence Platforms (TIPS), sharing it with threat mitigation systems for example, like a firewall.