Final Published: STIX2.1 & TAXII2.1

ByJane Ginn

June 24, 2022 , ,

The leading standards for representing and sharing cyberthreat intelligence are now OASIS Standards, publicly available for download and implementation.

OASIS Members and all interested parties,

OASIS is pleased to announce the publication of its newest OASIS Standards, approved by the members on 10 June 2021:

STIX™ Version 2.1
OASIS Standard
10 June 2021

and

TAXII™ Version 2.1
OASIS Standard
10 June 2021

The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. The work was based initially on three specifications contributed by the US Department of Homeland Security (DHS) for development and standardization under the OASIS open standards process: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression).

Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence. STIX enables organizations and tools to share threat intelligence with one another in a way that improves many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

The TC received 11 Statements of Use from Accenture Security, Anomali, Avast Software s.r.o., CISA, DarkLight, Inc., EclecticIQ B.V., Fujitsu, IBM, New Context, SEKOIA, and Trend Micro.

TAXII is an application layer protocol for the communication of cyber threat information in a simple and scalable manner. It is specifically designed to support the exchange of CTI represented in STIX, but is not limited to STIX.

The TC received 9 Statements of Use from Avast Software s.r.o., Celerium, CISA, Cyware Labs, EclecticIQ B.V., FreeTAXII, Fujitsu, SEKOIA, and Trend Micro.

URIs

The OASIS Standards and all related files are available here:

* STIX Version 2.1

Editable source (Authoritative):

HTML:
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html

PDF:
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.pdf

* TAXII Version 2.1

Editable source (Authoritative):

HTML:
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html

PDF:
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.pdf

Distribution ZIP files

For your convenience, OASIS provides a complete package of the prose specifications and related files in ZIP distribution files. You can download the ZIP files here:

* STIX Version 2.

* TAXII™ Version 2.

Our congratulations to the members of the OASIS Cyber Threat Intelligence (CTI) TC on achieving this milestone.

author avatar
Jane Ginn CTIN President & Co-Founder
Jane Ginn ~ As the co-founder of the Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. She currently serves as the Secretary of the OASIS Threat Actor Context Technical Committee, contributing to the creation of a semantic technology ontology for cyber threat actor analysis. Her efforts in this area and her earlier work with the Cyber Threat Intelligence (CTI) TC earned her the 2020 Distinguished Contributor award from OASIS. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn: www.linkedin.com/comm/mynetwork/discovery-see-all?usecase=PEOPLE_FOLLOWS&followMember=janeginn
Translate »