CybOX
 

 
Status Report
CybOX Version 1.0 (Draft) is a first draft release of an initial major version of the CybOX Language that could be utilized for practical operational use and integration into other standards efforts. This release consists of three primary components: a pair of formal language specifications for the core language content and defined objects content, a set of language implementation XML schemas, and a small initial set of language utilities.
More Information
cybox@mitre.org

International in scope and free for public use, the Cyber Observable eXpression (CybOX™) is a standardized schema for the specification, capture, characterization and communication of events or stateful properties that are observable in the operational domain. A wide variety of high-level cyber security use cases rely on such information, including event management/logging, malware characterization, intrusion detection, incident response/management, attack pattern characterization, etc. CybOX provides a common mechanism (structure and content) for addressing cyber observables across and among this full range of use cases, improving consistency, efficiency, interoperability and overall situational awareness.

Page Last Updated: November 03, 2011