Structured Threat Information Expression (STIX™)

• New Context is one of the foremost authorities on the STIX standard.
• Our research team has developed STIX extensions for utility protocols such as Modbus/TCP, DNP3, and IEEE 16805/GOOSE.
• We are the co-authors of the STIX patterning language.

Trusted Automated Exchange of Intelligence Information (TAXII™)

• New Context is an authority on STIX and TAXII.
• We have supported TAXII since its charter within OASIS in 2015.
• Many of our research projects include the use of threat intelligence platforms with TAXII cyber threat intelligence feeds.

Open Command and Control (OpenC2)

OpenC2 is a standardized language for the command and control of technologies that provide or support cyber defenses. By providing a common language for machine-to-machine communication, OpenC2 is vendor and application agnostic, enabling interoperability across a range of cyber security tools and applications.

Collaborative Automated Course of Action Operations (CACAO) for Cyber Security

CACAO TC members are developing a standard to implement the course of action playbook model for cybersecurity operations. In order to defend against cyber threats, organizations must manually identify, create, and document the prevention, mitigation, and remediation steps that, together, form a course of action playbook.

OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, we’re simplifying integration across the threat lifecycle.

One of the most respected, non-profit standards bodies in the world, OASIS Open offers projects—including open source projects—a path to standardization and de jure approval for reference in international policy and procurement.