Structured Threat Information eXpression

A Structured Language for Cyber Threat Intelligence Information

STIX Language — Version 1.1.1


STIX™ is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. The STIX Language intends to convey the full range of potential cyber threat information and strives to be fully expressive, flexible, extensible, automatable, and as human-readable as possible. All interested parties are welcome to participate in evolving STIX as part of its open, collaborative community.

Trusted Automated eXchange of Indicator Information (TAXII™) is the main transport mechanism for cyber threat information represented as STIX. Through the use of TAXII services, organizations can share cyber threat information in a secure and automated manner.


More News »

Status Report

STIX Version 1.1.1 is an update release of the STIX language that can be utilized for practical operational use and integration into other standards efforts.

Version 1.1.1 includes the following updates: corrected the Indicator => Campaign reference mechanism from using an incorrect type; fixed a typo in AvailabilityLossTypeEnum-1.0; made the Description, Type, and Specification fields in GenericTestMechanism optional rather than required; and fixed several cases where a Source element was not set to InformationSourceType. View the complete Release Notes.

Page Last Updated: March 25, 2015