1 Scope
2
References
3
Definitions
3.1 Terms
defined elsewhere
3.2 Terms
defined in this Recommendation
4
Abbreviations and acronyms
5
Conventions
6
Basic concept – Cybersecurity information exchange (CYBEX)
7
Structured cybersecurity information exchange techniques
7.1 Weakness,
vulnerability and state – exchange cluster
7.2 Event,
incident, and heuristics – exchange cluster
7.3 Information
exchange policy – exchange cluster
7.4 Identification,
discovery, and query cluster
7.5 Identity
assurance cluster
7.6 Exchange
protocol cluster
Appendix I – Structured cybersecurity information exchange
techniques
Appendix II – A cybersecurity information exchange ontology
II.1 Operation
domains
II.2 Cybersecurity
entities
II.3 Cybersecurity
operational information
Appendix III – CYBEX examples of security automation schemas
III.1 Example:
USA Federal Desktop Core Configuration/United States Government Configuration
Baseline
III.2 Example:
Japan vulnerability information portal site, JVN
Bibliography