{"id":2888,"date":"2016-04-05T06:02:24","date_gmt":"2016-04-05T06:02:24","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=2888"},"modified":"2020-05-06T10:30:02","modified_gmt":"2020-05-06T17:30:02","slug":"stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/","title":{"rendered":"STIX, TAXII and CISA &#8211; The Age of Info Sharing, Time &#038; Cost Savings, and Government Involvement"},"content":{"rendered":"<p>Hint<strong>:<\/strong>\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX &amp; TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you. Covered in this blog is information on the inception of STIX &amp; TAXII<strong>;<\/strong>\u00a0how they are used; the mindset behind them; and how they are implemented. \u201cKill-Chain\u201d is covered briefly to provide an overview of what it is and how STIX &amp; TAXII fit in. Also included, is information covering the Cybersecurity Information Sharing Act of 2015 (CISA) ((S.754 \u2013 114<sup>th<\/sup>\u00a0Congress (2015-2016) and the government\u2019s role in cybersecurity information sharing.<\/p>\n<p>Let\u2019s first take a step back and break down these long acronyms. STIX stands for the Structured Threat Information eXpression<strong>.<\/strong>\u00a0TAXII refers to the Trusted Automated eXchange of Indicator Information. Although you may not remember the acronyms, hopefully after reading this paper you gain a better understanding of the thought process behind STIX &amp; TAXII and how it is making its way into the technology industry.<\/p>\n<p>So where did these specifications originate? STIX is the result of both the Department of Homeland Security US-CERT and CERT.org discussions in 2010 that revolved around automating data exchange for cyber incidents. STIX is a structured language for describing cyber threat information so it can be shared, stored, and analyzed in a consistent manner; hence it being very concise. Since the inception of STIX &amp; TAXII, the Department of Homeland Security has transitioned work to the OASIS Cyber Threat Intelligence (CTI) Technical Committee. This committee is made up of a number of organizations around the world to develop and promote standards that enable cyber threat intelligence to be analyzed and shared with trusted partners and communities. This is extremely important as it ensures a type of \u201cchecks and balances\u201d approach. Gathering information and collecting input from various sources is a much better approach than having one organization dictate what is in store.<\/p>\n<p>The basis of the architecture was to ensure everyone was on the same page in regards to defining what information should be included within a structured cyber threat indicator and what shouldn\u2019t be. As the initial structure progressed and gained momentum, other interested parties began joining in, ironing out the details, and making collaborative changes. It is because of all of the discussions and collaborating that a XML schema implementation of STIX architecture was born.<\/p>\n<p>TAXII, on the other hand, is a set of specifications to help standardize the trusted, automated exchange of cyber threat information led by the DHS (Departments of Homeland Security) and the MITRE Corporation. In today\u2019s world, sharing threat information is extremely challenging. Sharing threat information is either done manually or by separate, community-specific automated solutions, which in turn is extremely time-consuming and costly. TAXII provides an automated way to share cyber threat information vastly with partners and communities who choose to share information. So if you are wondering if STIX &amp; TAXII are relative, it\u2019s because they are. STIX is the language, while TAXII is the vehicle that makes communication possible.<\/p>\n<p>Up until recent times, complex well thought out attacks were far and in between. In today\u2019s world they are a common occurrence plaguing enterprises around the world. The term \u201ckill chain\u201d is something you might have heard of in passing, or something you may be extremely familiar with. The term was originally used as a military concept relevant to the structure of an attack. A well known company<strong>,<\/strong>\u00a0Lockheed Martin<strong>,<\/strong>\u00a0adapted this concept to information security using it as a tool to explain intrusions on a computer network. Since then<strong>,<\/strong>\u00a0the term has been adopted by many and is used throughout the industry. It is important to have an idea of what the \u201ckill chain\u201d is, because it ultimately provides some insight into how STIX &amp; TAXII play a role.<\/p>\n<p>The cyber \u201ckill chain\u201d can be categorized differently depending on who is speaking to it and what their interpretation is. None the less, the principles remain the same. Lockheed Martin defined the \u201cCyber Kill Chain\u201d with the following flow<strong>:<\/strong>\u00a0(1) Reconnaissance, (2) Weaponization, (3) Delivery, (4) Exploitation, (5) Installation, (6) Command &amp; Control, and (7) Action on Objectives. I won\u2019t be going through each in detail<strong>,<\/strong>\u00a0but you can see this provides a pretty good template on how a cyber attack unfolds.<\/p>\n<p>Incident response efforts to this point, have taken place after the exploit stage has taken place. This means the attack has progressed to the point where the attacker has found a vulnerability and is able to execute potentially devastating code. The tools found in an organization today<strong>,<\/strong>\u00a0although resourceful, tend to respond to incidents after the exploit has already occurred. This can be extremely time consuming and include a wide range of negative impacts including degraded performance, downtime, financial loss, tarnished reputation and, well<strong>\u2026<\/strong>\u00a0you get the picture. Digging to find the cause and remove the \u201cinfection\u201d is resource intensive and can ultimately become quite costly.<\/p>\n<p><em>Enter STIX &amp; TAXII<\/em>. In an effort to be proactive and move the needle away from incident response and toward incident prevention, STIX &amp; TAXII play a key role. Knowing full well there is no \u201csilver bullet\u201d in regards to protection, STIX &amp; TAXII help by providing the ability to share threat information quickly and robustly, providing for a more complete picture<strong>,<\/strong>\u00a0or understanding<strong>,\u00a0<\/strong>when it comes to threat intelligence. This is only valuable of course, if information is being provided by various sources. Wouldn\u2019t it be great if Enterprise A\u2019s IDS caught something and shared that information with others? Ultimately helping Enterprise B protect against that same exact threat? While this all sounds great in theory, one issue we are currently seeing is that people generally don\u2019t like to share. Sharing means using time and resources, and most are just not that willing to do such a thing; specifically, because there is no real incentive in sharing information. One thing is for sure, with the Internet of Things (IoT) being a major topic across the industry, it simply enforces the fact that threat intelligence needs to be shared and made available for the greater good. Using our homes as an example, we are seeing a drastic change in how electronics communicate. Everything from TV\u2019s to refrigerators now have an IP address and have access the internet; meaning they are vulnerable. STIX &amp; TAXII will help help allow these devices be better protected from possible attacks, and they ultimately may have been spared because of cyber threat information received from someone else.<\/p>\n<p>Of course sharing information requires going over what you want to share and defining what you are willing to let others see. While this doesn\u2019t mean sharing confidential information; it means coming up with a way to standardized threat information you feel will benefit the community as a whole. So how is information shared? Well, TAXII has three different sharing models: Hub and Spoke, Source\/Subscriber, and Peer-to-Peer. You have the ability to decide how you want to share information as well as determine who you want information from; as long as they are participating of course.<\/p>\n<p>In a personal opinion, there are some issues, as with all new things, that I believe will ultimately be addressed or modified at some point. One being that TAXII currently defines XML messages over HTTP(S), and looks at the complete file, rather than specific information the subscriber may be looking for. I like to think STIX &amp; TAXII are similar to to RIPv1 \u2013 ultimately waiting to be evolved into a more sophisticated protocol.<\/p>\n<p>At the end of the day STIX &amp; TAXII are great in theory but can only be as successful as the communities and individuals who participate. If no one is willing to share, then it becomes useless; but, if sharing is encouraged, the wealth of threat intelligence information can be extremely helpful and provide the ability to detect threats before they hit the dreaded exploit stage of the \u201ckill chain.\u201d The benefits in this case are easy to see; time savings, money savings, and potentially your reputation.<\/p>\n<p>President Barack Obama called the cyber threat we face \u201c<strong>one of the most serious economic and national security challenges we face as a nation<\/strong>.\u201d\u00a0<em>\u2013 The White House, Office of the Press Secretary, Remarks by the President on Securing Our Nation\u2019s Cyber Infrastructure (May 29, 2009).<\/em><\/p>\n<p>Signed into law on December 28, 2015, the Cybersecurity Information Sharing Act of 2015 (CISA) shows the government\u2019s awareness of the cybersecurity issue that faces our nation, and the need for shared cyber threat intelligence. The act is the government\u2019s way of helping bridge the gap between the federal government and the private sector when it comes to sharing cybersecurity information. The DHS recently made headway by releasing initial guidelines for cyber threat information this past February. To ensure the exchange of cybersecurity information in a timely manner between the federal government and the private sector, the DHS has developed the Automated Indicator Sharing (AIS) initiative.<\/p>\n<p>Although it is nice to see the government recognizing the need for shared threat intelligence and providing classified threat intelligence information like they do in its Enhanced Cybersecurity Services (ECS) program, it should also be kept in check to always ensure they are not overstepping their bounds. Right now it looks like all the right moves are being made. The ECS program allows the private sector to obtain government classified threat intelligence information to use as they wish, without it being forced on them.<\/p>\n<p>While STIX, TAXII and CISA are ways to help the private sector and federal government standardize the sharing of threat intelligence, ultimately creating a web of information; it will be up to the vendors, enterprises, ISP\u2019s, and various communities to share the cyber threat intelligence they have collected to get the most out of it. One thing everyone can count on moving forward, is more advanced, intelligent cybersecurity threats increasing over time. Sharing threat information has never been more relevant and has never been more important than it is right now.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hint:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX &amp; TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the [&hellip;]<\/p>\n","protected":false},"author":216,"featured_media":2891,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[16,15],"class_list":{"0":"post-2888","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-infoblox","9":"tag-security","10":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>STIX, TAXII and CISA - The Age of Info Sharing, Time &amp; Cost Savings, and Government Involvement<\/title>\n<meta name=\"description\" content=\"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX &amp; TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"STIX, TAXII and CISA - The Age of Info Sharing, Time &amp; Cost Savings, and Government Involvement\" \/>\n<meta property=\"og:description\" content=\"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX &amp; TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2016-04-05T06:02:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:30:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2061\" \/>\n\t<meta property=\"og:image:height\" content=\"1457\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"John Toca\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"John Toca\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/\"},\"author\":{\"name\":\"John Toca\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/40302ed412b5c2fa7d5cd67c1e44074d\"},\"headline\":\"STIX, TAXII and CISA &#8211; The Age of Info Sharing, Time &#038; Cost Savings, and Government Involvement\",\"datePublished\":\"2016-04-05T06:02:24+00:00\",\"dateModified\":\"2020-05-06T17:30:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/\"},\"wordCount\":1733,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/482461333.jpg\",\"keywords\":[\"Infoblox\",\"Security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/\",\"name\":\"STIX, TAXII and CISA - The Age of Info Sharing, Time & Cost Savings, and Government Involvement\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/482461333.jpg\",\"datePublished\":\"2016-04-05T06:02:24+00:00\",\"dateModified\":\"2020-05-06T17:30:02+00:00\",\"description\":\"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX & TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/482461333.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/482461333.jpg\",\"width\":2061,\"height\":1457,\"caption\":\"STIX, TAXII and CISA \u00e4\u00f3\u0144 The Age of Info Sharing, Time & Cost Savings, and Government Involvement\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"STIX, TAXII and CISA &#8211; The Age of Info Sharing, Time &#038; Cost Savings, and Government Involvement\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/40302ed412b5c2fa7d5cd67c1e44074d\",\"name\":\"John Toca\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g\",\"caption\":\"John Toca\"},\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/john-toca\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"STIX, TAXII and CISA - The Age of Info Sharing, Time & Cost Savings, and Government Involvement","description":"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX & TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/","og_locale":"en_US","og_type":"article","og_title":"STIX, TAXII and CISA - The Age of Info Sharing, Time & Cost Savings, and Government Involvement","og_description":"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX & TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/","og_site_name":"Infoblox Blog","article_published_time":"2016-04-05T06:02:24+00:00","article_modified_time":"2020-05-06T17:30:02+00:00","og_image":[{"width":2061,"height":1457,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg","type":"image\/jpeg"}],"author":"John Toca","twitter_card":"summary_large_image","twitter_misc":{"Written by":"John Toca","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/"},"author":{"name":"John Toca","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/40302ed412b5c2fa7d5cd67c1e44074d"},"headline":"STIX, TAXII and CISA &#8211; The Age of Info Sharing, Time &#038; Cost Savings, and Government Involvement","datePublished":"2016-04-05T06:02:24+00:00","dateModified":"2020-05-06T17:30:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/"},"wordCount":1733,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg","keywords":["Infoblox","Security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/","url":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/","name":"STIX, TAXII and CISA - The Age of Info Sharing, Time & Cost Savings, and Government Involvement","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg","datePublished":"2016-04-05T06:02:24+00:00","dateModified":"2020-05-06T17:30:02+00:00","description":"int:\u00a0we are not talking about the band, or the type of transit you take home from a long night at the bar. STIX & TAXII are two fairly new specifications in the cyber security world to which many either have not heard of, or know very little about. If you happen to know even the basic principles of why these standards were created, then you are already ahead of the game, and I applaud you.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/482461333.jpg","width":2061,"height":1457,"caption":"STIX, TAXII and CISA \u00e4\u00f3\u0144 The Age of Info Sharing, Time & Cost Savings, and Government Involvement"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/stix-taxii-and-cisa-the-age-of-info-sharing-time-cost-savings-and-government-involvement\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"STIX, TAXII and CISA &#8211; The Age of Info Sharing, Time &#038; Cost Savings, and Government Involvement"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/40302ed412b5c2fa7d5cd67c1e44074d","name":"John Toca","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a83de2786e428c59b9dd5ed55975560bca5f9f3ed04e36e4f4a9af6234b918b9?s=96&d=blank&r=g","caption":"John Toca"},"url":"https:\/\/www.infoblox.com\/blog\/author\/john-toca\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2888","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/216"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=2888"}],"version-history":[{"count":2,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2888\/revisions"}],"predecessor-version":[{"id":4726,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/2888\/revisions\/4726"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/2891"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=2888"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=2888"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=2888"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}