1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Basic concept – Cybersecurity information exchange (CYBEX)
7 Structured cybersecurity information exchange techniques
7.1 Weakness, vulnerability and state – exchange cluster
7.2 Event, incident, and heuristics – exchange cluster
7.3 Information exchange policy – exchange cluster
7.4 Identification, discovery, and query cluster
7.5 Identity assurance cluster
7.6 Exchange protocol cluster
Appendix I – Structured cybersecurity information exchange techniques
Appendix II – A cybersecurity information exchange ontology
II.1 Operation domains
II.2 Cybersecurity entities
II.3 Cybersecurity operational information
Appendix III – CYBEX examples of security automation schemas
III.1 Example: USA Federal Desktop Core Configuration/United States
Government Configuration Baseline
III.2 Example: Japan vulnerability information portal site, JVN
Bibliography