Structured Threat Information Expression (STIX) is a language and serialization format used to exchange cyber threat intelligence (CTI). Trusted Automated Exchange of Intelligence Information (TAXII) is a protocol used to exchange cyber threat intelligence (CTI) over HTTPS.

With STIX, all aspects of suspicion, compromise, and attribution are represented as objects and descriptive relationships. STIX information can be visually represented for an analyst or stored as JSON to be quickly machine readable.

Cyber Threat Intelligence (CTI) was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence. The CTI is primarily focused on development and standardization of Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indicator Information (TAXII).