Documentation

Use Cases

Learn how to use STIX in real-world scenarios!

Go »

Concepts

This page describes several central STIX concepts that cut across all of the core STIX data types, including extension points, relationships, versioning, and data markings.

Go »

Idioms

STIX idioms describe how common patterns in threat intelligence (for example, C2 IPs for a trojan) are represented in STIX. They're similar to programming language idioms in that they document common patterns for representing content in STIX.

Go »

Profiles

STIX Profiles are a mechanism to allow communities of interest to define how they intend to use STIX. They're most often used to define which parts of the STIX/CybOX data models are in scope.

Go »

Python Scripting

The STIX Project provides an official Python library for scripting the creation, modification, and processing of STIX documents. The documentation is available online, and describes how to install and usage the library. Additionally, it provides API documentation for the library.

Go »

Security Considerations

Security considerations are a list of security issues that might arise when processing STIX content. The guide is non-exhaustive and does not take the place of security coding practices or other security processes but can be a good starting point.

Go »

Suggested Practices

Suggested practices (often called best practices) are guidelines that will help you create STIX content that conforms to the STIX design goals and ensures the best compatibility with other STIX tooling.

Go »

Utilities

The utilities page has information on both STIX-provided and community-provided utilities for working with STIX. It includes both user-level utilities such as visualization tools and developer-focused tooling such as bindings and APIs.

Go »

Validation

Checking whether STIX content is valid is an important part of helping to ensure compatibility. The STIX Validation rules outline how STIX documents can be validated against either STIX in general or against a specific profile.

Go »