Common Standards For Sharing Cyber Threat Intelligence

Sunday, November 20, 2016

Introduction

The following article provides a basic overview of the common standards for sharing Cyber Threat Intelligence.

STIX (Structured Threat Information eXpression)

STIX is a structured language for cyber threat intelligence. In other words, STIX offers a rich ontology for describing and documenting cyber intelligence. STIX consists of several parts:

1. Cyber Observables
Identifies the specific patterns that have been observed or may be observed. Patterns are represented using the CybOX standard. Examples: IP address, email address, flow direction, file hash value, etc.

2. Indicators
Identifies contextual information about observables. As said before, patterns are represented using the CybOX standard. Examples: The originate...