Skip to content
Log in

TAXII

Definition

Trusted Automated eXchange of Intelligence Information. The transport protocol used to share STIX content between organisations. TAXII defines server and client roles, collection discovery, and pull or push delivery mechanisms. Used together with STIX to enable automated, cross-organisation intelligence sharing.

Related terms

Diamond Model
An analytic framework that structures a cyber intrusion event around four linked elements: adversary, capability, infrastructure, and victim. The model makes explicit...
Indicator of Compromise (IoC)
An observable artefact that suggests a system has been involved in a malicious event. Static analysis produces file-based IoCs: cryptographic hashes, embedded...
MITRE ATT&CK
A publicly available knowledge base of adversary tactics, techniques, and procedures derived from real-world intrusion observations. Maintained by the MITRE Corporation. Techniques...
STIX
Structured Threat Information eXpression. A standardised, machine-readable language for encoding and sharing threat intelligence objects such as indicators, threat actors, campaigns, and...
Tactics, Techniques, and Procedures (TTPs)
A three-level description of adversary behaviour. Tactics are the high-level goals (initial access, persistence, exfiltration). Techniques are the specific methods (spear-phishing, pass-the-hash)....

Explained in

  • Threat Intelligence FundamentalsTrusted Automated eXchange of Intelligence Information. The transport protocol used to share STIX content between organisations. TAXII defines server and clien...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account