Title
FMN Spiral 4.0 Cyber Information Exchange Profile
Description
The Cyber Information Exchange Profile provides standards are used to exchange information about cyber threats. Structured Threat Information Expression (STIX) is an information model and serialization for cyber threat intelligence (CTI). By allowing the consistent expression of CTI in a machinereadable specification, STIX supports shared threat analysis, machine automation, and information sharing. It enables use cases such as indicator exchange, management of response activities, shared malware analysis, and higher level threat intelligence sharing. Trusted Automated eXchange of Intelligence Information (TAXII) is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It defines services and message exchanges that enable organizations to share the information they choose with the partners they choose. TAXII is designed to transport STIX Objects. Some of the important use cases are data feed providers such as an intel provider trying to share what indicators they see for threats, and sharing that with either Threat Intelligence Platforms (TIPS), sharing it with threat mitigation systems for example, like a firewall.

Reference document

Org
FMN
Pubnum
Date
2021-02-08
Version
4
Title
FMN Spiral 4 Overview of Standards and Profiles

Taxonomy

Standards

Obligation: Mandatory, Lifecycle: Current

STIX 2.0 is transport-agnostic, i.e., the structures and serializations do not rely on any specific transport mechanism. STIX 2.0 messages will be exchanged with distributed collaboration means such as email and web-hosting.

Status

URI

History

Flag Date RFC Version
added 2021-01-15 13-019 14.0
UUID
45d98075-02d4-4abc-acb0-c11138ba7e64

Utilization

This profile is used by the following profiles: