Cyber Information Exchange Profile

Title: Cyber Information Exchange Profile

Description: The Cyber Information Exchange Profile provides standards are used to exchange information about cyber threats. Structured Threat Information Expression (STIX) is an information model and serialization for cyber threat intelligence (CTI). By allowing the consistent expression of CTI in a machinereadable specification, STIX supports shared threat analysis, machine automation, and information sharing. It enables use cases such as indicator exchange, management of response activities, shared malware analysis, and higher level threat intelligence sharing. Trusted Automated eXchange of Intelligence Information (TAXII) is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It defines services and message exchanges that enable organizations to share the information they choose with the partners they choose. TAXII is designed to transport STIX Objects. Some of the important use cases are data feed providers such as an intel provider trying to share what indicators they see for threats, and sharing that with either Threat Intelligence Platforms (TIPS), sharing it with threat mitigation systems for example, like a firewall.

Reference document

Org: FMN

Pubnum

Date: 2022-12-02

Version

Title: Proposed FMN Spiral 5 Specification

Taxonomy

C3 Taxonomy

Standards

Obligation: MANDATORY, Lifecycle: CANDIDATE

STIX 2.0 is transport-agnostic, i.e., the structures and serializations do not rely on any specific transport mechanism. STIX 2.0 messages will be exchanged with distributed collaboration means such as email and web-hosting.

Guidance

Status

URI

History

Flag	Date	RFC	Version
added	2023-01-23	14-32	15

UUID: 244d856b-03fb-4d9b-89ea-0f221293d137

Utilization

This profile is used by the following profiles:

CIS Support Standards Profiles - (profile)