Table of Contents

 1     Scope        
 2     References             
 3     Definitions
        3.1     Terms defined elsewhere      
        3.2     Terms defined in this Recommendation          
 4     Abbreviations and acronyms           
 5     Conventions           
 6     Basic concept – Cybersecurity information exchange (CYBEX)           
 7     Structured cybersecurity information exchange techniques  
        7.1     Weakness, vulnerability and state – exchange cluster 
        7.2     Event, incident, and heuristics – exchange cluster       
        7.3     Information exchange policy – exchange cluster         
        7.4     Identification, discovery, and query cluster     
        7.5     Identity assurance cluster      
        7.6     Exchange protocol cluster     
Appendix I – Structured cybersecurity information exchange techniques    
Appendix II – A cybersecurity information exchange ontology    
       II.1     Operation domains    
       II.2     Cybersecurity entities
       II.3     Cybersecurity operational information             
Appendix III – CYBEX examples of security automation schemas    
      III.1     Example: USA Federal Desktop Core Configuration/United States Government Configuration Baseline    
      III.2     Example: Japan vulnerability information portal site, JVN