Summary

Recommendation ITU-T X.1215 provides various use cases for how the structured threat information expression (STIX) language may be used to support cyber threat intelligence (CTI) and information sharing.

This Recommendation also describes concepts and functionality of the STIX language. It is targeted to support a range of use cases involved in cyber threat management, including analysing cyber threats, specifying indicator patterns for cyber threats, managing response activities and sharing cyber threat information. With this kind of information, a security decision can be made on how to best defend against the threat. It is intended to support both more effective analysis and the continued exchange of cyber threat information. The STIX suite of specifications [b-STIX2.0] is maintained under the responsibility of the Organization for the Advancement of Structured Information Standards (OASIS).