Related MITRE Work
==============================================

CTI
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

`Cyber Threat Intelligence repository`_ of the ATT&CK catalog expressed in STIX 2.0 JSON. This repository also contains `our USAGE document`_ which includes additional examples of accessing and parsing our dataset in Python.

ATT&CK
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

ATT&CK® is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's lifecycle, and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.

https://attack.mitre.org

STIX
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

`Structured Threat Information Expression`_ (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).

STIX enables organizations to share CTI with one another in a consistent and machine-readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.

STIX is designed to improve many capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.

.. _Cyber Threat Intelligence repository: https://github.com/mitre/cti
.. _our USAGE document: https://github.com/mitre/cti/blob/master/USAGE.md
.. _Structured Threat Information Expression: https://oasis-open.github.io/cti-documentation/