Martin Voorzanger
November 17, 2016

Soltra is winding down, is this the end of STIX/TAXII?

  • STIX/TAXII standards have become “HTML of Cyber Security” and enable widespread, simple and low-cost information sharing for global enterprises across industries
  • EclecticIQ, top provider of STIX/TAXII-compliant Threat Intelligence Platform, commends Soltra for protecting industry as early adopter

Amsterdam - November 17, 2016 – DTCC and FS-ISAC announced on Nov. 15 that they are winding down Soltra, a joint venture between the two organizations serving the financial industry. Soltra will no longer provide updates to Soltra Edge, which has been downloaded more than 11,000 times and is being used by 2,900 organizations in over 77 countries. EclecticIQ commends Soltra for its role in protecting industry as an early adopter of STIX/TAXII, the de facto standard for information sharing in cyber threat intelligence.

Despite the short-term impact on current Soltra users, the widespread adoption and support for the STIX/TAXII standards, enables frictionless migration to other compliant platforms. Over the past year, information sharing in cyber threat intelligence has become a global phenomenon in the fight against the most virulent cyber threats that easily cross borders and industries. Within industries such as financial services, energy, oil & gas, telecom and manufacturing, large enterprises are seeking powerful cyber threat intelligence solutions backed by experienced thought leadership. Broad, integrated perspectives, rather than industry-specific solutions, have the best chance at detecting and preventing attacks.

STIX/TAXII standards have a widespread user community and a robust marketplace for STIX/TAXII-compliant tools. Over 50 commercial and open-source products already support STIX/TAXII, including but not limited to:

  • Threat Intelligence Platforms based on STIX/TAXII: EclecticIQ Platform, Soltra
  • Threat Intelligence Platforms extracting IOCs from STIX: Anomali, ThreatConnect, ThreatQuotient
  • Intelligence providers: FireEye/iSIGHT, Fox-IT, Group-IB, Intel 471
  • SIEM tools IBM QRadar, Splunk
  • Endpoint solutions: Bit9, Tanium
  • Intrusion Detection Systems / Intrusion Prevention Systems: Check Point Software, Cisco
  • Open-source products: Cabby, OpenTAXII

The active and growing community supporting the STIX/TAXII standards are here to stay as they have moved beyond early adoption and gained support from many in the financial services industry. This helped to create a large ecosystem in cyber threat intelligence.

STIX/TAXII standards were originally created in 2012 by the US Department of Homeland Security (DHS) and MITRE, a not-for-profit national technology resource. In 2015, DHS transitioned STIX and TAXII to OASIS, which formally manages the development process much like HTML falls under W3C. OASIS members include Cisco, EclecticIQ, HPE, IBM, and the US Department of Defense.

Laurent Liscia, CEO and Executive Director of OASIS, said: “The visionary STIX/TAXII standards have become a mature component of global cyber defense infrastructure, the single most important catalyst fueling the rapid growth of Cyber Threat Intelligence.

EclecticIQ, the market leader in providing STIX/TAXII-based Threat Intelligence Platforms to enterprises, governments and MSSPs, is an active contributor to the further development of STIX 2.0, and has also released two open-source solutions to the intelligence community:

  • OpenTAXII: a feature-rich, Python-based server API for implementing the TAXII standard
  • Cabby: a Python TAXII client implementation including a libraries and a command line tool

Joep Gommers, CEO of EclecticIQ, said: “From its inception, our company has believed strongly that the STIX/TAXII standards offer the most advanced approach for distributing and categorizing threat intelligence. We will continue to advance these standards to the benefit of the entire cyber threat intelligence community and lead in compliancy in our products.

For more information about how to participate in the STIX/TAXII community, please visit the OASIS booth at the RSA Conference, Feb. 13-17, in San Francisco (South Expo #S2121).

About EclecticIQ

EclecticIQ works with large enterprises, governments and MSSPs to improve cyber threat detection, prevention and response.

EclecticIQ’s analyst-centric EclecticIQ Platform boosts effectiveness of Threat Intelligence practices and intelligence-driven SOC and CERT operations. EclecticIQ Platform automatically collects intelligence from diverse sources; enables collaborative internal workflows; integrates with enterprise security technologies; and supports secure exchanges using STIX/TAXII with external information-sharing communities.

The company won Deloitte’s Technology FAST50 Rising Star Award for “Most Disruptive Innovator”.

EclecticIQ is a member of OASIS CTI TC and affiliate member of FS-ISAC.

For more information, visit www.EclecticIQ.com.

Talk to one of our experts

Protect your organization with cutting-edge threat intelligence. Book your free demo today and explore how our products and services can help you meet your security needs.
Book a call
cta-footer
Book a demo