TAXII (Trusted Automated eXchange of Intelligence Information)
Definition
The transport protocol companion to STIX. TAXII defines how STIX data is exchanged between servers and clients over HTTPS, enabling automated ingestion of threat intelligence feeds.
Related terms
- Domain generation algorithm (DGA)
- Code embedded in malware that produces a large set of pseudo-random domain names on a scheduled basis. The malware tries each until...
- Indicator of Compromise (IoC)
- An observable artefact that suggests a system has been involved in a malicious event. Static analysis produces file-based IoCs: cryptographic hashes, embedded...
- MISP (Malware Information Sharing Platform)
- An open-source threat intelligence platform that enables structured sharing of IOCs and threat intelligence using STIX and other formats. Widely deployed by...
- Pyramid of Pain
- A model proposed by David Bianco that ranks IOC types by the cost to an attacker of changing them when defenders start...
- STIX (Structured Threat Information eXpression)
- An OASIS open standard that defines a JSON-based language for describing cyber threat intelligence. STIX 2.1 defines objects for indicators, threat actors,...
Explained in
- Indicators of Compromise: Identification and UseThe transport protocol companion to STIX. TAXII defines how STIX data is exchanged between servers and clients over HTTPS, enabling automated ingestion of thre...