IMPORTANT NOTICE: The CybOX Language has been integrated into Version 2.0 of Structured Threat Information eXpression (STIX™).
DHS transitioned CybOX, STIX, and TAXII to Organization for the Advancement of Structured Information Standards (OASIS), a non-profit consortium that drives the development, convergence, and adoption of open standards for the global information society. The Cyber Threat Intelligence (CTI) Technical Committee (TC) now leads the ongoing development of these standards. Organizations and individuals that wish to play a regular and active role in the shaping of these standards should consider joining OASIS and the CTI TC. Learn more about the transition:
Everything that the CTI TC does is public and the discussions around the evolution of the specifications are no exception. Therefore, the CTI TC and CybOX subcommittee member-only lists are publicly archived for access by anyone at the following links:
Non-OASIS members can sign up for the public cti-users mailing list:
A new mailing list, cti-users@lists.oasis-open.org, has been created that is intended for discussing topics related to the effective use of STIX/TAXII/CybOX and the development of solutions that use these standards. Unlike the other CTI TC lists, this list will be open to anyone to join and post to.
If you are interested in joining the cti-users list you will need to explicitly subscribe. You may do that by sending a blank email message to cti-users-subscribe@lists.oasis-open.org and then replying to the list server’s email response requesting confirmation.
Organizations and individuals who are not OASIS CTI TC members may provide comments to the CTI TC via the CTI TC Public Comment List:
A growing list of products and open source projects using CybOX, STIX, and TAXII.
Go the OASIS CTI registration form.