“Decoding Political Violence with OSINT and Lessons from the Frontline”

Join deep dive: Wed, Dec 18, 16:00 CET
home Transform Hub data categories - Deep and Dark Web

STIX 2 Utilities

By ANSSI & Maltego Technologies
Leverage the 40 object types adapted from STIX into the standard Maltego ontology in your investigations.
STIX 2 Utilities integration in Maltego
Deep and Dark Web Infrastructure & Network Information Incident Response Threat Intelligence

STIX2 Entities and Transforms for Maltego

Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX is open source and free, enabling organizations to share CTI with one another in a consistent and machine-readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.

It is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

This integration contains a standard STIX 2 Entity definitions and a set of helper Transforms to pivot between these Entities and the relations they have to other STIX objects via their properties. To make full use of STIX threat intelligence in Maltego, a supplementary integration into a STIX-compatible system (for example, OpenCTI) is also needed.

The development of STIX2 entities for Maltego was initially started by ANSSI and was subsequently supported by Maltego. The project is available as open-source software, learn more about the original project here.

Benefits

  • The STIX2 Entities enable representing and visualizing STIX2-compliant data in Maltego and serve as the basis for any integrations with STIX2-compatible Threat Intelligence systems
  • Leverage the 40 object types adapted from STIX into the standard Maltego ontology in your investigations, along with over 100 utility Transforms for converting standard Maltego Entities into STIX data and pivoting STIX objects into their property relationships

Typical Users

  • Cyber defenders
  • Cyber Threat Analysts
  • Malware Analysts
  • Security Tool Vendors
  • Security Researchers
  • Threat Sharing Communities

alt STIX2 Entities and Transforms for Maltego

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About STIX

STIX OASIS, a non-profit consortium that seeks to advance the development, convergence and adoption of open standards for the Internet. It was originally sponsored by the office of Cybersecurity and Communications within the United States Department of Homeland Security.

For more information, visit https://oasis-open.github.io/cti-documentation/.
Pick the right product and get started.