Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyberthreat intelligence (CTI). Trusted Automated Exchange of Intelligence Information (TAXII) is a protocol used to exchange cyberthreat intelligence (CTI) over HTTPS.

With STIX, all aspects of suspicion, compromise, and attribution are represented as objects and descriptive relationships. STIX information can be visually represented for an analyst or stored as JSON to be quickly machine readable.

cyberthreat intelligence (CTI) was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyberthreat intelligence. The CTI is primarily focused on development and standardization of Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indicator Information (TAXII).