CybOX - CybOX Version 2.0.1 (Official) 
CybOX

Cyber Observable eXpression

A Structured Language for Cyber Observables

CybOX Language — Version 2.1
Home > CybOX Language > CybOX Version 2.0.1 (Official)  

Version 2.0.1 (Official)

This page provides information on the current official release of the CybOX Language. All information about the new version is included in this centralized location. Join the CybOX Community to participate in the next version of CybOX.

Downloads

Includes downloads for the Version 2.0.1 core, common, and object-specific xml schemas, objects, and specifications.

CybOX Core and Common Downloads
File Name Version Schema Documentation
All Files 2.0.1 ZIP
All Files (offline) 2.0.1 ZIP
Core 2.0.1 XSD HTML
Common 2.0.1 XSD HTML
Default Vocabularies 2.0.1 XSD HTML
CybOX Object Downloads
File Name Version Schema Documentation
API Object 2.0.1 XSD HTML
Account Object 2.0.1 XSD HTML
Address Object 2.0.1 XSD HTML
Artifact Object 2.0.1 XSD HTML
Code Object 2.0.1 XSD HTML
Custom Object 1.0.1 XSD HTML
DNS Cache Object 2.0.1 XSD HTML
DNS Query Object 2.0.1 XSD HTML
DNS Record Object 2.0.1 XSD HTML
Device Object 2.0.1 XSD HTML
Disk Object 2.0.1 XSD HTML
Disk Partition Object 2.0.1 XSD HTML
Email Message Object 2.0.1 XSD HTML
File Object 2.0.1 XSD HTML
GUI Dialogbox Object 2.0.1 XSD HTML
GUI Object 2.0.1 XSD HTML
GUI Window Object 2.0.1 XSD HTML
HTTP Session Object 2.0.1 XSD HTML
Library Object 2.0.1 XSD HTML
Link Object 1.0.1 XSD HTML
Linux Package Object 2.0.1 XSD HTML
Memory Object 2.0.1 XSD HTML
Mutex Object 2.0.1 XSD HTML
Network Connection Object 2.0.1 XSD HTML
Network Flow Object 2.0.1 XSD HTML
Network Packet Object 2.0.1 XSD HTML
Network Route Entry Object 2.0.1 XSD HTML
Network Route Object 2.0.1 XSD HTML
Network Socket Object 2.0.1 XSD HTML
Network Subnet Object 2.0.1 XSD HTML
PDF File Object 1.0.1 XSD HTML
Pipe Object 2.0.1 XSD HTML
Port Object 2.0.1 XSD HTML
Process Object 2.0.1 XSD HTML
Product Object 2.0.1 XSD HTML
Semaphore Object 2.0.1 XSD HTML
Socket Address Object 1.0.1 XSD HTML
System Object 2.0.1 XSD HTML
URI Object 2.0.1 XSD HTML
Unix File Object 2.0.1 XSD HTML
Unix Network Route Entry Object 2.0.1 XSD HTML
Unix Pipe Object 2.0.1 XSD HTML
Unix Process Object 2.0.1 XSD HTML
Unix User Account Object 2.0.1 XSD HTML
Unix Volume Object 2.0.1 XSD HTML
User Account Object 2.0.1 XSD HTML
User Session Object 2.0.1 XSD HTML
Volume Object 2.0.1 XSD HTML
Whois Object 2.0.1 XSD HTML
Win Computer Account Object 2.0.1 XSD HTML
Win Critical Section Object 2.0.1 XSD HTML
Win Driver Object 2.0.1 XSD HTML
Win Event Log Object 2.0.1 XSD HTML
Win Event Object 2.0.1 XSD HTML
Win Executable File Object 2.0.1 XSD HTML
Win File Object 2.0.1 XSD HTML
Win Handle Object 2.0.1 XSD HTML
Win Kernel Hook Object 2.0.1 XSD HTML
Win Kernel Object 2.0.1 XSD HTML
Win Mailslot Object 2.0.1 XSD HTML
Win Memory Page Region Object 2.0.1 XSD HTML
Win Mutex Object 2.0.1 XSD HTML
Win Network Route Entry Object 2.0.1 XSD HTML
Win Network Share Object 2.0.1 XSD HTML
Win Pipe Object 2.0.1 XSD HTML
Win Prefetch Object 2.0.1 XSD HTML
Win Process Object 2.0.1 XSD HTML
Win Registry Key Object 2.0.1 XSD HTML
Win Semaphore Object 2.0.1 XSD HTML
Win Service Object 2.0.1 XSD HTML
Win System Object 2.0.1 XSD HTML
Win System Restore Object 2.0.1 XSD HTML
Win Task Object 2.0.1 XSD HTML
Win Thread Object 2.0.1 XSD HTML
Win User Account Object 2.0.1 XSD HTML
Win Volume Object 2.0.1 XSD HTML
Win Waitable Timer Object 2.0.1 XSD HTML
X509 Certificate Object 2.0.1 XSD HTML
CybOX Extension Downloads
Extension Name Extension Point Version Schema Documentation
CPE 2.3 Platform 1.0.1 XSD HTML

CybOX Data Dictionaries
Dictionary Name Download
Core, Common, and Vocabularies cybox_data_dictionary.xlsx
Objects cybox_objects_data_dictionary.xlsx
Extensions cybox_extensions_data_dictionary.xlsx

Release Notes

The major highlights of Version 2.0.1 are listed below:

  • Critical bug fixes to the URI and Link objects to allow them to be used for their intended purposes.
  • Corrected the annotations on CybOX Object Property types to specify the correct usage of the delimiter for multi-value fields.
  • Added a @cybox_update_version attribute to allow for the expression of which update version of CybOX is being used.

There are also full release notes available.

Samples

Sample content for Version 2.0.1 is actively being developed and released. The latest release was on September 20, 2013 and can be downloaded in a single zip file:

Timeline

PLANNING DRAFT(S) RELEASE CANDIDATE OFFICIAL
20 September 2013

Status Reports

Status updates are included below. You may also review the CybOX Community Discussion Archives for discussions about Version 2.0.1.

[2013-09-20]
Version 2.0.1 of the CybOX Language is now available. This release includes a number of improvements, as listed in the Release Notes section above. Please send any comments or concerns about this release to the CybOX Community Discussion List, or directly to cybox@mitre.org.
Page Last Updated: September 20, 2013