This document describes the use of the Malware Attribute Enumeration and Characterization (MAEC)
and Structured Threat Information eXpression (STIX) and languages in the context of malware
characterization and malware metadata exchange. By describing the relationships between the
languages and by providing details on each language’s ability to capture malware-related information,
this document answers the question, “When should I use MAEC, when should I use STIX, and when
should I use both?”
more here..........http://stix.mitre.org/about/documents/Characterizing_Malware_MAEC_and_STIX_v1.0.pdf
and Structured Threat Information eXpression (STIX) and languages in the context of malware
characterization and malware metadata exchange. By describing the relationships between the
languages and by providing details on each language’s ability to capture malware-related information,
this document answers the question, “When should I use MAEC, when should I use STIX, and when
should I use both?”
more here..........http://stix.mitre.org/about/documents/Characterizing_Malware_MAEC_and_STIX_v1.0.pdf