Threat Reports are collections of threat intelligence focused on one or more topics. Threat reports apply for STIX 2.x.

Threat reports include description of a threat actor, malware, attack technique, including context and related details. They are used to group-related threat intelligence together so that it can be published as a comprehensive cyber threat story.

The Threat Report SDO contains a list of references to STIX Objects along with a textual description and the name of the report.