Sign In

Communications of the ACM

ACM TechNews

Cyber Threat Info Sharing Made Easier


The STIX logo.

The next iteration of the Structured Threat Information eXchange (STIX), a machine-to-machine cyberthreat information-sharing language, is nearing completion.

Credit: OASIS Cyber Threat Intelligence

The next iteration of the Structured Threat Information eXchange (STIX), a machine-to-machine cyberthreat information-sharing language, is nearing completion.

STIX was designed by the U.S. Department of Homeland Security to facilitate information sharing between industry, critical infrastructure operators, and government in order to thwart cyberattacks.

Participants in the information-sharing program connect to a common platform called Trusted Automated eXchange of Indicator Information to exchange threat information.

The goal is that a more effective machine-to-machine threat information-sharing language will speed its adoption across industry.

MITRE's John Wunder notes STIX 2.0 focuses on simplicity and standardization, with fewer options and more requirements than the first iteration.

Work on STIX 2.1 already has started and will address some areas that were differentiated in order to build out the basic framework, including response features such as an incident and event object, more in-depth modeling of malware and infrastructure, and feedback mechanisms.

From Government Computer News
View Full Article

 

Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


 

No entries found

Read CACM in a free mobile app!
Access the latest issue, plus archived issues and more
ACM Logo
  • ACM CACM apps available for iPad, iPhone and iPod Touch, and Android platforms
  • ACM Digital Library apps available for iOS, Android, and Windows devices
  • Download an app and sign in to it with your ACM Web Account
Find the app for your mobile device
ACM DL Logo