Free Knowledge Check (SCOR) Answer: Security Concepts Question #4
TAXII is an open transport mechanism that standardizes the automated echange of cyber-threat information.
TAXII
TAXII was created by MITRE Corporation. The Entire purpose of this open transport mechanism is for Cybersecurity Threat Intelligence (CTI).
What other protocols are in the exam that are made by MITRE Corporation?
MITRE Corporation products covered in the SCOR:
- STIX
- MITRE ATT&CK
- Common Vulnerabilities and Exposures (CVE)
STIX
STIX (Structured Threat Information Expression) created by MITRE Corporation. This is a JSON based language that works hand and hand with TAXII.
MITRE ATT&CK
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a global open source knowledge base. This knowledge base focuses on known cyber security tactics and techniques. Helping cybersecurity teams understand attacker behaviour.
Common Vulnerabilities and Exposures (CVE)
This is a database of known vulnerabilities, Also managed by MITRE Corporation with US government support. Each vulnerability has a CVE record. Here is some additional information from the source: https://www.cve.org/About/Overview