TAXII (Trusted Automated eXchange of Indicator Information)
Definition
An OASIS open standard that defines an HTTPS-based protocol for transporting STIX content between organisations. A TAXII server exposes collections; clients poll or subscribe to receive updates.
Related terms
- IoC (Indicator of Compromise)
- Observable artefact linked to malicious activity. File hashes (MD5, SHA-256, ImpHash, ssdeep, TLSH), IPs, domains, URLs, registry keys, mutex names, named pipes,...
- ISAC (Information Sharing and Analysis Center)
- A sector-specific membership organisation that collects, analyses, and redistributes threat intelligence among its members under confidentiality agreements. Examples include FS-ISAC (financial services),...
- STIX (Structured Threat Information eXpression)
- An OASIS open standard that defines a JSON-based language for describing cyber threat intelligence. STIX 2.1 defines objects for indicators, threat actors,...
- Threat intelligence
- Processed, analysed information about adversaries, their capabilities, and their current or anticipated activities. Includes strategic intelligence (actor motivations and trends) and tactical...
- Traffic Light Protocol (TLP)
- A standardised colour-coded scheme for marking intelligence sharing restrictions. TLP:RED is for named recipients only; TLP:AMBER is for members' organisations; TLP:GREEN is...
Explained in
- Intelligence Sources, Feeds and Sharing PlatformsAn OASIS open standard that defines an HTTPS-based protocol for transporting STIX content between organisations. A TAXII server exposes collections; clients po...