[SC-100] What's the difference between STIX and TAXII?
August 13, 2023
I've heard this question come up a few times so I thought it would be a good blog topic: what's the difference between "STIX" and "TAXII"?
It's actually pretty straight-forward:
- STIX stands for "Structured Threat Information Expressions" and is a structured data format for describing threat information. The idea here is to provide a way for information security sharing communities to have a common "language" to detail threats.
- TAXII stands for "Trusted Automated Exchange of Intelligence Information (TAXII)" and is a protocol for exchanging STIX-formatted threat intelligence.
Yet another really nifty table from Google Bard:
Like this article?
0
Posted in: certificationsc-100stixtaxii