{"id":764,"date":"2022-10-10T21:08:34","date_gmt":"2022-10-10T21:08:34","guid":{"rendered":"https:\/\/cyberthreatintelligencenetwork.com\/?p=764"},"modified":"2024-06-23T17:56:36","modified_gmt":"2024-06-23T17:56:36","slug":"stix2-1-best-practices","status":"publish","type":"post","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/","title":{"rendered":"STIX2.1 Best Practices"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"764\" class=\"elementor elementor-764\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5087d944 e-flex e-con-boxed e-con e-parent\" data-id=\"5087d944\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5d410a29 elementor-widget elementor-widget-text-editor\" data-id=\"5d410a29\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\n<p>Earlier today members of the CTI TC received notification that the Best Practices document developed in support of the STIX2.1 OASIS Standard had been finalized.  Below is the announcement and links to the final document.<\/p>\n\n\n\n<div class=\"wp-block-media-text alignwide has-media-on-the-right is-stacked-on-mobile\"><div class=\"wp-block-media-text__content\">\n<p>OASIS is pleased to announce publication of &#8220;STIX\u2122 Best Practices Guide Version 1.0.0&#8221;, a Committee Note from the members of the OASIS Cyber Threat Intelligence (CTI) TC [1].<\/p>\n<p>This guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.<\/p>\n<\/div><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" src=\"data:image\/gif;base64,R0lGODlhAQABAIAAAAAAAP\/\/\/yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\" data-src=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP-1024x569.png\" alt=\"\" class=\"wp-image-765 size-full lazyload\"\/><noscript><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"569\" src=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP-1024x569.png\" alt=\"\" class=\"wp-image-765 size-full lazyload\" srcset=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP-1024x569.png 1024w, https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP-300x167.png 300w, https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP-768x427.png 768w, https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/10\/FinalBP.png 1339w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/noscript><\/figure><\/div>\n\n\n\n<p><\/p>\n\n\n\n<p>The Committee Note is available here:<\/p>\n\n\n\n<p>STIX Best Practices Guide Version 1.0.0<br>Committee Note 01<br>15 September 2022<\/p>\n\n\n\n<p>Editable source (Authoritative):<br><a href=\"https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.docx\">https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.docx<\/a><\/p>\n\n\n\n<p>HTML:<br><a href=\"https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.html\">https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.html<\/a><\/p>\n\n\n\n<p>PDF:<br><a href=\"https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.pdf\">https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.pdf<\/a><\/p>\n\n\n\n<p>For your convenience, OASIS provides a complete package of the Committee Note that you can download here:<br><a href=\"https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.zip\">https:\/\/docs.oasis-open.org\/cti\/stix-bp\/v1.0.0\/cn01\/stix-bp-v1.0.0-cn01.zip<\/a><\/p>\n\n\n\n<p>Members of the CTI TC approved this Committee Note by a Full Majority vote on 15 September 2022 as documented in the TC minutes [2].<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.<\/p>\n","protected":false},"author":2,"featured_media":813,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"elementor_theme","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[20,255],"tags":[15,18],"class_list":["post-764","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-standards","category-stix-taxii","tag-oasis","tag-stix2-1"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.9.5.2 - aioseo.com -->\n\t<meta name=\"description\" content=\"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Jane Ginn\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.9.5.2\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"CTIN - Cybersecurity Center\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"STIX2.1 Best Practices - CTIN\" \/>\n\t\t<meta property=\"og:description\" content=\"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"112\" \/>\n\t\t<meta property=\"og:image:height\" content=\"112\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2022-10-10T21:08:34+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-06-23T17:56:36+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@CTIN_Global\" \/>\n\t\t<meta name=\"twitter:title\" content=\"STIX2.1 Best Practices - CTIN\" \/>\n\t\t<meta name=\"twitter:description\" content=\"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@CTIN_Global\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#blogposting\",\"name\":\"STIX2.1 Best Practices - CTIN\",\"headline\":\"STIX2.1 Best Practices\",\"author\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/SteelBlueAbstract.jpg\",\"width\":1640,\"height\":679,\"caption\":\"Computer on desktop in office with technology theme hologram. Multi exposure. Tech concept.\"},\"datePublished\":\"2022-10-10T21:08:34+00:00\",\"dateModified\":\"2024-06-23T17:56:36+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#webpage\"},\"articleSection\":\"Standards, STIX\\\/TAXII, OASIS, STIX2.1\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"name\":\"Posts\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"position\":2,\"name\":\"Posts\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"name\":\"CyberSecurity\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"position\":3,\"name\":\"CyberSecurity\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/standards\\\/#listItem\",\"name\":\"Standards\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/blog\\\/posts\\\/#listItem\",\"name\":\"Posts\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/standards\\\/#listItem\",\"position\":4,\"name\":\"Standards\",\"item\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/standards\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#listItem\",\"name\":\"STIX2.1 Best Practices\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/#listItem\",\"name\":\"CyberSecurity\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#listItem\",\"position\":5,\"name\":\"STIX2.1 Best Practices\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/category\\\/cybersecurity\\\/standards\\\/#listItem\",\"name\":\"Standards\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\",\"name\":\"Cyber Threat Intelligence Network\",\"description\":\"Cybersecurity Center\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/\",\"telephone\":\"+14804624039\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/cropped-cropped-2020-logo.png\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#organizationLogo\",\"width\":757,\"height\":237},\"image\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/CyberThreatIntelligenceNetwork\\\/\",\"https:\\\/\\\/twitter.com\\\/CTIN_Global\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/janeginn\\\/\",\"https:\\\/\\\/bsky.app\\\/profile\\\/janeginn.bsky.social\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/\",\"name\":\"Jane Ginn\",\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/rjg-PhonePhoto.PNG\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/CTIN_Global\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/janeginn\\\/\",\"https:\\\/\\\/bsky.app\\\/profile\\\/janeginn.bsky.social\",\"https:\\\/\\\/infosec.exchange\\\/@ctin\"],\"description\":\"As the co-founder of the US-based Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. Her work with the Cyber Threat Intelligence (CTI) technical committee earned her the 2020 Distinguished Contributor award from OASIS. She is currently supporting the analysis services of Datos Insights, an advisory firm focusing on the financial services sector. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn\",\"jobTitle\":\"CTIN President & Co-Founder\",\"alumniOf\":[{\"@type\":\"EducationalOrganization\",\"name\":\"Norwich University\",\"sameAs\":\"https:\\\/\\\/online.norwich.edu\\\/online\\\/programs-courses\\\/programs\\\/master-science-cybersecurity\"}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#webpage\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/\",\"name\":\"STIX2.1 Best Practices - CTIN\",\"description\":\"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/author\\\/neffie\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/SteelBlueAbstract.jpg\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#mainImage\",\"width\":1640,\"height\":679,\"caption\":\"Computer on desktop in office with technology theme hologram. Multi exposure. Tech concept.\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/index.php\\\/2022\\\/10\\\/10\\\/stix2-1-best-practices\\\/#mainImage\"},\"datePublished\":\"2022-10-10T21:08:34+00:00\",\"dateModified\":\"2024-06-23T17:56:36+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#website\",\"url\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/\",\"name\":\"Training Center\",\"description\":\"Cybersecurity Center\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/cyberthreatintelligencenetwork.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>STIX2.1 Best Practices - CTIN<\/title>\n\n","aioseo_head_json":{"title":"STIX2.1 Best Practices - CTIN","description":"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.","canonical_url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#blogposting","name":"STIX2.1 Best Practices - CTIN","headline":"STIX2.1 Best Practices","author":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"publisher":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/11\/SteelBlueAbstract.jpg","width":1640,"height":679,"caption":"Computer on desktop in office with technology theme hologram. Multi exposure. Tech concept."},"datePublished":"2022-10-10T21:08:34+00:00","dateModified":"2024-06-23T17:56:36+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#webpage"},"isPartOf":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#webpage"},"articleSection":"Standards, STIX\/TAXII, OASIS, STIX2.1"},{"@type":"BreadcrumbList","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com#listItem","position":1,"name":"Home","item":"https:\/\/cyberthreatintelligencenetwork.com","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","name":"Posts"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","position":2,"name":"Posts","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","name":"CyberSecurity"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","position":3,"name":"CyberSecurity","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/#listItem","name":"Standards"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/#listItem","name":"Posts"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/#listItem","position":4,"name":"Standards","item":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/","nextItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#listItem","name":"STIX2.1 Best Practices"},"previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/#listItem","name":"CyberSecurity"}},{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#listItem","position":5,"name":"STIX2.1 Best Practices","previousItem":{"@type":"ListItem","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/#listItem","name":"Standards"}}]},{"@type":"Organization","@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization","name":"Cyber Threat Intelligence Network","description":"Cybersecurity Center","url":"https:\/\/cyberthreatintelligencenetwork.com\/","telephone":"+14804624039","logo":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2021\/01\/cropped-cropped-2020-logo.png","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#organizationLogo","width":757,"height":237},"image":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#organizationLogo"},"sameAs":["https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/","https:\/\/twitter.com\/CTIN_Global","https:\/\/www.linkedin.com\/in\/janeginn\/","https:\/\/bsky.app\/profile\/janeginn.bsky.social"]},{"@type":"Person","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author","url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/","name":"Jane Ginn","image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/07\/rjg-PhonePhoto.PNG"},"sameAs":["https:\/\/x.com\/CTIN_Global","https:\/\/www.linkedin.com\/in\/janeginn\/","https:\/\/bsky.app\/profile\/janeginn.bsky.social","https:\/\/infosec.exchange\/@ctin"],"description":"As the co-founder of the US-based Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. Her work with the Cyber Threat Intelligence (CTI) technical committee earned her the 2020 Distinguished Contributor award from OASIS. She is currently supporting the analysis services of Datos Insights, an advisory firm focusing on the financial services sector. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn","jobTitle":"CTIN President & Co-Founder","alumniOf":[{"@type":"EducationalOrganization","name":"Norwich University","sameAs":"https:\/\/online.norwich.edu\/online\/programs-courses\/programs\/master-science-cybersecurity"}]},{"@type":"WebPage","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#webpage","url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/","name":"STIX2.1 Best Practices - CTIN","description":"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#website"},"breadcrumb":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#breadcrumblist"},"author":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"creator":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/author\/neffie\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2022\/11\/SteelBlueAbstract.jpg","@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#mainImage","width":1640,"height":679,"caption":"Computer on desktop in office with technology theme hologram. Multi exposure. Tech concept."},"primaryImageOfPage":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/#mainImage"},"datePublished":"2022-10-10T21:08:34+00:00","dateModified":"2024-06-23T17:56:36+00:00"},{"@type":"WebSite","@id":"https:\/\/cyberthreatintelligencenetwork.com\/#website","url":"https:\/\/cyberthreatintelligencenetwork.com\/","name":"Training Center","description":"Cybersecurity Center","inLanguage":"en-US","publisher":{"@id":"https:\/\/cyberthreatintelligencenetwork.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"CTIN - Cybersecurity Center","og:type":"article","og:title":"STIX2.1 Best Practices - CTIN","og:description":"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.","og:url":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/","og:image":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png","og:image:secure_url":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png","og:image:width":112,"og:image:height":112,"article:published_time":"2022-10-10T21:08:34+00:00","article:modified_time":"2024-06-23T17:56:36+00:00","article:publisher":"https:\/\/www.facebook.com\/CyberThreatIntelligenceNetwork\/","twitter:card":"summary","twitter:site":"@CTIN_Global","twitter:title":"STIX2.1 Best Practices - CTIN","twitter:description":"The STIX Best Practices guide suggests best practices to use for STIX content, considering both the normative statements as well as considerations beyond the specification.","twitter:creator":"@CTIN_Global","twitter:image":"https:\/\/cyberthreatintelligencenetwork.com\/wp-content\/uploads\/2024\/05\/SocialShare-Image.png"},"aioseo_meta_data":{"post_id":"764","title":null,"description":null,"keywords":null,"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"seo_analyzer_scan_date":"2025-08-25 21:55:06","breadcrumb_settings":null,"limit_modified_date":false,"reviewed_by":null,"open_ai":"{\"title\":{\"suggestions\":[],\"usage\":0},\"description\":{\"suggestions\":[],\"usage\":0}}","ai":null,"created":"2024-04-18 16:55:43","updated":"2025-08-25 21:55:06"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/\" title=\"Posts\">Posts<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/\" title=\"CyberSecurity\">CyberSecurity<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/\" title=\"Standards\">Standards<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\tSTIX2.1 Best Practices\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/cyberthreatintelligencenetwork.com"},{"label":"Posts","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/blog\/posts\/"},{"label":"CyberSecurity","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/"},{"label":"Standards","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/category\/cybersecurity\/standards\/"},{"label":"STIX2.1 Best Practices","link":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/2022\/10\/10\/stix2-1-best-practices\/"}],"amp_enabled":false,"_links":{"self":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/comments?post=764"}],"version-history":[{"count":8,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/764\/revisions"}],"predecessor-version":[{"id":4416,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/posts\/764\/revisions\/4416"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/media\/813"}],"wp:attachment":[{"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/media?parent=764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/categories?post=764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberthreatintelligencenetwork.com\/index.php\/wp-json\/wp\/v2\/tags?post=764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}