Structured Threat Information eXpression

A Structured Language for Cyber Threat Intelligence Information


STIX™ is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. The STIX Language intends to convey the full range of potential cyber threat information and strives to be fully expressive, flexible, extensible, automatable, and as human-readable as possible. All interested parties are welcome to participate in evolving STIX as part of its open, collaborative community.

Trusted Automated eXchange of Indicator Information (TAXII™) is the main transport mechanism for cyber threat information represented as STIX. Through the use of TAXII services, organizations can share cyber threat information in a secure and automated manner.


More News »

Status Report

STIX Version 1.1 is a minor release of the STIX language that can be utilized for practical operational use and integration into other standards efforts. Version 1.1 includes numerous updates such as: upgrade to Cyber Observables eXpression (CybOX™) Version 2.1, addition of mechanics for versioning content, more flexible packaging of STIX content, and many other bug fixes and added features that have been requested by the community since Version 1.0. View the complete Release Notes.

Page Last Updated: April 09, 2014