CAPEC 3.4 content available expressed using the STIX 2.0 standard

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

CAPEC 3.4 content available expressed using the STIX 2.0 standard




With the release of CAPEC 3.4 we have updated the CAPEC content as expressed as STIX at


See below for more information about this content.


Thanks again for your interest and contributions to CAPEC!


            Rich Piazza



Rich Piazza

Lead Cyber Security Engineer

The MITRE Corporation






MITRE has been working with DHS and the OASIS Cyber Threat Information (CTI) technical committee to develop STIX (Structured Threat Information eXpression) a standard for exchanging cyber threat information.  STIX 2.0, which was released in 2017, as a committee standard [1], is implemented as JSON objects.  MITRE has set up a GitHub site [2] which contains various cyber threat information content, expressed using the STIX standard, available to anyone. 


In order to make CAPEC content more accessible, the CAPEC Attack Patters in STIX 2.0 format are available.  This an alternative way to view CAPEC content – is still the primary source. They are available at that site in the ‘capec’ subdirectory.  Not all properties of a CAPEC Attack Pattern are converted, due to limitations of the STIX format and the complexity of some CAPEC properties. For more details on the conversion mapping see 


That documentation also includes instructions on how to use the python-stix2 API [3] to access this content programmatically.   


All comments and suggestions are welcome!