Self-Certification Program for Automated Cyber Threat Intelligence Sharing

Please note: The self-certification program is currently on hold while the CTI Interoperability Subcommittee brings it into alignment with the latest versions of STIX and TAXII. Please do not submit material to the program until it reopens.

To promote interoperability, OASIS enables implementations of the Structured Threat Information eXpression (STIX™) v2 and the Trusted Automated eXchange of Intelligence Information (TAXII™) v2 to be self-certified by suppliers. The process uses industry-defined conformance test documents developed by members of the OASIS Cyber Threat Intelligence Technical Committee.

Products that meet the self-certification requirements are granted exclusive permission to use the “STIX2 Preferred” or “STIX/TAXII2 Preferred” certification mark.