One-sentence introduction: STIX, short for Structured Threat Information eXpression, is a standardized language developed by MITRE and the OASIS Cyber Threat Intelligence (CTI) Technical Committee for describing cyber threat information.
Adoption status: It has been adopted as an international standard by various intelligence sharing communities and organizations.
How it is used: It is designed to be shared via TAXII, but can be shared by other means.
Purpose
STIX is structured in such a fashion that users can describe threat:
Motivations
Abilities
Capabilities
Response
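Added example, not part of the original notes: a small bundle that carries the four items above, plus the sanity check a consumer can run before ingesting shared data. It assumes the STIX 2.1 JSON serialization (the notes name no version); the mapping of the four items to properties, all names and the timestamp are constructed, and flagging references that do not resolve inside the bundle is a local policy, not a STIX requirement.

```python
import json
import uuid

NOW = "2024-01-01T00:00:00.000Z"  # constructed timestamp

def sdo(obj_type, **props):
    """Build an object with the STIX 2.1 common properties."""
    return {"type": obj_type, "spec_version": "2.1",
            "id": f"{obj_type}--{uuid.uuid4()}",
            "created": NOW, "modified": NOW, **props}

def build_bundle():
    actor = sdo("threat-actor", name="Example Actor (constructed)",
                primary_motivation="organizational-gain",  # motivation
                sophistication="intermediate",             # ability
                resource_level="organization")             # capability
    malware = sdo("malware", name="Loader (constructed)", is_family=False)
    coa = sdo("course-of-action",                          # response
              name="Block the loader at the mail gateway (constructed)")
    rels = [sdo("relationship", relationship_type="uses",
                source_ref=actor["id"], target_ref=malware["id"]),
            sdo("relationship", relationship_type="mitigates",
                source_ref=coa["id"], target_ref=malware["id"])]
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}",
            "objects": [actor, malware, coa, *rels]}

def check_bundle(bundle):
    """List malformed ids and references that do not resolve in-bundle."""
    problems, ids = [], set()
    objects = bundle.get("objects", [])
    for obj in objects:
        oid = str(obj.get("id", ""))
        obj_type, sep, raw = oid.partition("--")
        try:  # id must be "<type>--<canonical UUID>" and match "type"
            ok = (sep == "--" and obj_type == obj.get("type")
                  and str(uuid.UUID(raw)) == raw)
        except ValueError:
            ok = False
        if not ok:
            problems.append(f"bad id: {oid!r}")
        ids.add(oid)
    for obj in (o for o in objects if o.get("type") == "relationship"):
        for key in ("source_ref", "target_ref"):
            if obj.get(key) not in ids:
                problems.append(f"unresolved {key}: {obj.get(key)!r}")
    return problems

if __name__ == "__main__":
    print(json.dumps(build_bundle(), indent=2))
```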
TAXII=Trusted Automated eXchange of Intelligence Information
One-sentence description: defines how cyber threat information can be shared via services and message exchanges
Role: It is designed specifically to support STIX information, which it does by defining an API that aligns with common sharing models
3 main models
Hub and spoke – one repository of information
Source/subscriber – one single source of information
Peer-to-peer – multiple groups share information
4 services
Discovery – a way to learn what services an entity supports and how to interact with them
Collection Management – a way to learn about and request subscriptions to data collections