Title
Cyber Information Exchange Profile
Description
The Cyber Information Exchange Profile provides standards are used to exchange information about cyber threats. Structured Threat Information Expression (STIX) is an information model and serialization for cyber threat intelligence (CTI). By allowing the consistent expression of CTI in a machinereadable specification, STIX supports shared threat analysis, machine automation, and information sharing. It enables use cases such as indicator exchange, management of response activities, shared malware analysis, and higher level threat intelligence sharing. Trusted Automated eXchange of Intelligence Information (TAXII) is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It defines services and message exchanges that enable organizations to share the information they choose with the partners they choose. TAXII is designed to transport STIX Objects. Some of the important use cases are data feed providers such as an intel provider trying to share what indicators they see for threats, and sharing that with either Threat Intelligence Platforms (TIPS), sharing it with threat mitigation systems for example, like a firewall.

Reference document

Org
FMN
Pubnum
Date
2022-12-02
Version
Title
Proposed FMN Spiral 5 Specification

Taxonomy

Standards

Obligation: MANDATORY, Lifecycle: CANDIDATE

STIX 2.0 is transport-agnostic, i.e., the structures and serializations do not rely on any specific transport mechanism. STIX 2.0 messages will be exchanged with distributed collaboration means such as email and web-hosting.

Guidance

Status

URI

History

Flag Date RFC Version
added 2023-01-23 14-32 15
UUID
244d856b-03fb-4d9b-89ea-0f221293d137

Utilization

This profile is used by the following profiles: