Stix/taxii support

Is there anything about stix/taxii data that I can use with Graylog?

Hey there, can you elaborate a bit more about what you mean? I’m not familiar with either of these terms and I’m sure that they’re not universal across the community. I know I’ve mentioned this before, but the more information you provide when asking questions here in the community, the more likely you are to get an answer. See How to Post a Question in the Community that Gets Responses for some inspiration.

Hi @aaronsachs,
sorry for the wrong question.
STIX and TAXII are standards developed in an effort to improve the prevention and mitigation of cyber-attacks.
STIX states the “what” of threat intelligence, while TAXII defines “how” that information is relayed.

So STIX and TAXII could be something like LookupTable (as OTX is currently used) where TEXII information could be enriched with STIX informations.
STIX has been adopted as an international standard by various intelligence sharing communities and organizations, while TAXII is designed specifically to support STIX information, which it does by defining an API that aligns with common sharing models

My question so become: is there something that the communuty already did in order to manage it?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.