STIX™ Version 2.0. Part 1: STIX Core Concepts
STIX™ Version 2.0. Part 1: STIX Core Concepts
1 Introduction
1.0 IPR Policy
1.1 Terminology
1.2 Normative References
1.3 Non-Normative References
1.4 Overview
1.5 Naming Requirements
1.6 Document Conventions
2 Common Data Types
2.1 Boolean
2.2 External Reference
2.3 Float
2.4 Hashes
2.5 Identifier
2.6 Integer
2.7 Kill Chain Phase
2.8 List
2.9 Open Vocabulary
2.10 String
2.11 Timestamp
3 STIX™ Objects
3.1 Common Properties
3.2 IDs and References
3.3 Object Creator
3.4 Versioning
3.5 Common Relationships
3.6 Reserved Properties
4 Data Markings
4.1 Marking Definition
4.2 Object Markings
4.3 Granular Markings
5 Bundle
5.1 Properties
5.2 Relationships
6 Vocabularies
6.1 Attack Motivation
6.2 Attack Resource Level
6.3 Hashing Algorithm Vocabulary
6.4 Identity Class
6.5 Indicator Label
6.6 Industry Sector
6.7 Malware Label
6.8 Report Label
6.9 Threat Actor Label
6.10 Threat Actor Role
6.11 Threat Actor Sophistication
6.12 Tool Label
7 Customizing STIX™
7.1 Custom Properties
7.2 Custom Objects
8 Conformance
8.1 Producers and Consumers
8.2 Mandatory Features
8.3 Optional Features
Appendix A. Glossary
Appendix B. Acknowledgments
Appendix C. Revision History
Powered by
GitBook
8 Conformance
8 Conformance
results matching "
"
No results matching "
"