OpenTPX is an open-source format and tools for exchanging machine-readable threat intelligence and network security operations data. This is a JSON-based format that allows sharing of data between connected systems.
OpenTPX is a contribution by LookingGlass Cyber Solutions to the open source community. It defines a comprehensive model of threat associated with the global Internet enabling interconnected systems to exchange threat intelligence, threat context, collections, networks and threat mitigation information. OpenTPX is based on practical experience building highly scalable threat intelligence analysis & management systems deployed in real-world scenarios.
The OpenTPX specification, data model, data schema and supporting tools are freely available from opentpx.org
- [Multiple Examples] (http://www.opentpx.org/#downloads)
The following tools can be used to validate TPX JSON files.
We know there are folks out there that could use and expand the format, so we're open to pull requests. We can't promise the PR will be implemented exactly as requested, as managers of the format, we assume responsibility for making sure additions work without breaking the system. We'd like to avoid forks, so more than likely extensions that are submitted will make it into the system.
Copyright 2015 LookingGlass Cyber Solutions
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.