记录黑客技术中优秀的内容, 传播黑客文化,分享黑客技术精华

Support for STIX

2015-05-14 08:55

13-023 IMAGE - STIX-TAXII-CybOX_v4-02

Support for STIX

This list is incomplete and actively updated. Inclusion does not represent an endorsement.

STIX is being implemented in many products, services, and global communities.

Please fill out this form to contact the STIX Team and request inclusion or modification under User Communities or Products and Services.

User Communities

These organizations have publicly announced support for STIX and/or TAXII.

User Community Organization Type STIX TAXII Reference
Cyber Threat XChange (CTX) Health Information Trust Alliance (HITRUST) Automates process of collecting and analyzing cyber threats and distributing actionable indicators Press Release
Defense Security Information Exchange (DSIE) Defense Industrial Base Information Sharing and Analysis Organization (DIB ISAO) DSIE serves as a member-based cyber information-sharing body focused on protecting and defending DIB critical cyber networks and systems and the information residing thereon. STIX and TAXII are the core foundations of the DSIE ACIX (Automated Cyber-Intelligence Inter-Exchange) initiatives focused on providing "Analyst Driven” automated Inter-Exchange of Actionable Cyber-Threat Intelligence None available
hailataxii.com Repository of Open Source Cyber Threat Intelligence Feeds in STIX Format Hail a TAXII Repository of open source cyber threat intelligence feeds in STIX format Cited as product features on website
ICS-ISAC Industrial Control System Information Sharing and Analysis Center (ICS-ISAC) ICS-ISAC brings together infrastructure stakeholder to improve cybersecurity knowledge sharing. ICS-ISAC’s virtual SoltraEdge server, which includes STIX and TAXII interoperability, provides real-time information sharing for members Cited as features on website
Information Sharing Architecture (ISA) Enhance Shared Situational Awareness (ESSA) Initiative ISA enables machine speed sharing of cyber threat information via STIX and TAXII to promote shared cyber situational awareness among cyber mission partners (U.S. Federal Cyber Centers, other U.S. government, U.S. critical infrastructure owners, and key allies) in accordance with existing policy directives None available
Malware Information Sharing Platform (MISP) Computer Incident Response Center Luxembourg (CIRCL) MISP Community MISP allows organizations to share, store, and correlate information about malware and threats and their indicators, including STIX export Cited as product feature on website
NH-ISAC National Health Cybersecurity Intelligence Platform National Health Information Sharing & Analysis Center (NH-ISAC) Automating cybersecurity "actionable" threat intelligence, with STIX and TAXII interoperability, powered by Soltra-Edge and Vorstack Press Release
Open Threat Exchange (OTX) 2.0 AlienVault, Inc. OTX is an open threat information sharing and analysis network, upon which the latest threat intelligence will automatically update local security products into open formats such as STIX, JSON, OpenloC, MAEC, and CSV Press release
Retail Cyber Intelligence Sharing Center (R-CISC) Intelligence Sharing Portal Retail Information Sharing and Analysis Center (Retail-ISAC) Intelligence Sharing Portal managed by the Financial Services Information Sharing and Analysis Center (FS-ISAC) Press Release,News Article
Soltra Edge Financial Services Information Sharing and Analysis Center (FS-ISAC)The Depository Trust & Clearing Corporation (DTCC), and Soltra Soltra is an FS-ISAC and DTCC joint venture created to help secure critical infrastructure entities from cyber threats via its Soltra Edge threat intelligence sharing platform Press Release

Products and Services

Many vendors have implemented STIX and TAXII in their product and service offerings.

Offering Vendor Type STIX TAXII Reference
Adaptive Threat Protection Solution Tripwire, Inc. Integrates peer and community threat feeds, leveraging STIX and TAXII standards, and other commercial threat intelligence services Press Release
Advanced Threat Prevention Check Point Software Technology Ltd. ATP allows users to import indicators into threat prevention technologies, anti-bot, anti-virus, with an interface to upload STIX-formatted messages containing indicators into threat indicator database Cited as product feature in "Threat Prevention R77 Versions Administration Guide"
Bromium LAVA Bromium Inc. Endpoint security prodcut leveraging hardware virtualization that automatically creates standardized indicator of compromise reports in STIX/MAEC format for collaboration with other security tools Data Sheet
Cabby Intelworks BV A TAXII client implementation designed to act as a Python library and a command line tool supporting all TAXII services according to TAXII specification v1.0 and v1.1 Cited as product features on website,Dedicated STIX/TAXII page on website
Carbon Black Bit9 + Carbon Black Endpoint threat detection and response product that collects endpoint activity in which STIX/TAXII data feeds can be matched up against event activity to find when particular indicators or observables occur Blog article
Confer Confer Technologies, Inc. Confer, an advanced threat prevention and incident response solution, can import and export threat data in STIX format using TAXII, allowing customers to operationalize their intelligence across the endpoint Cited as product features on website,Included in FAQs on website
Cyberprobe Cybermaggedon Cyberprobe is a distributed software architecture for monitoring of networks against attack that includes support for STIX and TAXII Cited as product features on website
CyberSponse Security Operations Platform CyberSponse,Inc. CSOP, which provides a central hub for an organization's security operations and enables automated efforts, has a built-in TAXII server or can use Soltra Edge to both ingest and send STIX packages Cited as product feature on website
Damballa Failsafe Damballa, Inc. Damballa Failsafe analyzes network traffic and automatically detects infected devices after other security controls have failed; security teams receive actionable and prioritized intelligence so they can take immediate action to prevent data theft None available
Deep-Secure iXGuard Deep-Secure Deep-Secure iXGuard enables secure information exchange by carefully controlling the content that is shared such that it does not present a risk to the system that it is protecting, including STIX content Data Sheet
Endpoint Security Tanium, Inc. Endpoint security detection and remediation Cited as product features on website,"Tanium IOC Detect" Data Sheet
FLARE – Near Real Time Messaging System Business Computers Management Consulting Group, LLC (BCMC) FLARE is used for exchanging messages in a publish/subscribe model, and includes support for STIX and TAXII Cited in installation guide
FreeSTIX FreeSTIX A set of APIs written in Go for generating JSON based STIX messages Cited as product feature on website
FreeTAXII FreeTAXII A set of APIs written in Go for generating JSON based TAXII messages Cited as product feature on website
hailataxii.com Repository of Open Source Cyber Threat Intelligence Feeds in STIX Format Hail a TAXII Repository of open source cyber threat intelligence feeds in STIX format Cited as product features on website
InTELL Version 3.0 Fox-IT Real-time contextual cyber intelligence Cited as product features on websitePress Release
Intelworks Platform Intelworks BV Powered by STIX and TAXII and enables users to consolidate, enrich, analyze, integrate, and collaborate on intelligence from multiple sources Cited as product features on website,Dedicated STIX/TAXII page on website
Interflow Microsoft Corporation Security and threat information exchange platform Cited as product features on website,Included in FAQ answers on website,Press Release
Invincea Advanced Endpoint Protection 5 Invincea, Inc. Uniquely combines containerization technology with advanced endpoint visibility, analysis, and control to provide superior compromise detection and elimination; allows selective publication of threats to trusted communities in standard STIX format Press release
iSIGHT Partners ThreatScape API iSIGHT Partners Inc. ThreatScape API extends iSIGHT Partners cyber threat intelligence products and associated technical indicators to easily match indicators to rich intelligence context, ingest indicator data associated with intelligence reporting, and collect and consume intelligence reports including those in STIX format Cited as product feature on website,Included in FAQ answers on website,Press Release,Blog article
Malware Analysis Appliance Blue Coat Systems, Inc. Malware Analysis Appliance can export malware characterization data in STIX format Cited in user guide
Malware Information Sharing Platform (MISP) Computer Incident Response Center Luxembourg (CIRCL) MISP Community MISP allows organizations to share, store, and correlate information about malware and threats and their indicators, including STIX export Cited as product feature on website
OpenTAXII Intelworks BV A Python implementation of TAXII Services that delivers a rich feature set and friendly pythonic API; Implements all TAXII services according to TAXII specification v1.0 and v1.1 Cited as product features on website,Dedicated STIX/TAXII page on website
pan-stix Palo Alto Networks, Inc. pan-stix is a python package for converting Palo Alto Networks Wildfire threat information into STIX/MAEC format Cited as product feature on website
Protect Your Network Malcovery Security Machine-readable threat intelligence (MRTI) delivers human-confirmed indicators of current malware infrastructure in near-real time via our API in STIX and other formats for your automated consumption by your SIEM, proxy, firewall, etc. Cited as product feature on website
RedSocks Malware Threat Defender RedSocks B.V. RedSocks Malware Threat Defender is a network appliance that analyses digital traffic flows in real-time based on algorithms and lists of malicious indicators; it includes the ability to import malware intelligence that is structured according to the STIX and TAXII format Press Release
Soltra Edge Soltra Open and scalable threat information platform that uses open standards Cited as product features on website,Included in FAQ answers on website,Press Release
SPLICE Version 1.3.1 Splunk, Inc. Correlates Indicators of Compromise (IOCs) from SPLUNK data Cited as product features on website
Splunk App for Enterprise Security Splunk, Inc. Next-generation security intelligence platform that includes integration with STIX/TAXII and OpenIOC to allow access to threat intelligence using emerging industry specifications Press release
Targeted Threat Intelligence Service Solutionary Targeted Threat Intelligence Service Cited as product feature on website,Press Release
TAXII Directory Intelworks BV A sort of a phone book, listing organizations and available cyber threat intelligence servers and feeds Cited as product features on website,Dedicated STIX/TAXII page on website
ThreatConnect ThreatConnect, Inc. Available both on-premises and in the cloud, ThreatConnect is a threat intelligence platform that allows you to aggregate, analyze, and act on threat intelligence data, including STIX documents via TAXII Cited as product features on websitePress Release
ThreatQ ThreatQuotient, Inc. On-premise threat intelligence platform (TIP) that automates, structures, and manages intelligence in a central analytical repository "ThreatQuotient Battle Rhythm Workflow" Data Sheet
ThreatStream OPTIC ThreatStream Threat Intelligence Management platform with full support for STIX and TAXII from both an import and export capacity Cited as product feature on website
threatTRANSFORM threatTRANSFORM Open source application designed to streamline the creation, compiling, and publishing of STIX datasets Cited as product features on websitePress Release
TitaniumCore Version 2.6 ReversingLabs Threat detection and automated static analysis platform Data Sheet
Vorstack Automation and Collaboration Platform (ACP) Integration for HP ArcSight, IBM QRadar, and RSA Security Analytics, and Hadoop/other SIEM sources Vorstack Corporation Automated threat intelligence analysis and collaboration platform integration Cited as product features on websitePress Release
知识来源: www.sec-un.org/support-for-stix.html

阅读:147335 | 评论:0 | 标签:安全威胁情报

想收藏或者和大家分享这篇好文章→复制链接地址

“Support for STIX”共有0条留言

发表评论

姓名:

邮箱:

网址:

验证码:

公告

关注公众号hackdig,学习最新黑客技术

推广

工具

标签云

本页关键词