--- schema-version: v1.2.8 id: OASISSTIX-v1.2.1-COA-CS01-Pt9 title: - content: 'STIX(TM) Version 1.2.1. Part 9: Course of Action' language: - en script: - Latn format: text/plain type: main link: - content: http://docs.oasis-open.org/cti/stix/v1.2.1/cs01/part9-coa/stix-v1.2.1-cs01-part9-coa.html type: src type: standard docid: - id: OASIS STIX-v1.2.1-COA-CS01-Pt9 type: OASIS primary: true docnumber: STIX-v1.2.1-COA-CS01-Pt9 date: - type: issued value: '2016-05-05' contributor: - organization: name: - content: OASIS contact: - uri: https://www.oasis-open.org/ role: - description: - content: Standards Development Organization type: authorizer - type: publisher - organization: name: - content: OASIS Cyber Threat Intelligence (CTI) TC contact: - uri: https://www.oasis-open.org/committees/cti/ role: - description: - content: Committee type: authorizer - person: name: given: forename: - content: Richard language: - en script: - Latn surname: content: Struse language: - en script: - Latn affiliation: - organization: name: - content: DHS Office of Cybersecurity and Communications (CS&C) contact: - uri: http://www.dhs.gov/office-cybersecurity-and-communications contact: - email: Richard.Struse@HQ.DHS.GOV role: - description: - content: Chair type: editor - person: name: given: forename: - content: Sean language: - en script: - Latn surname: content: Barnum language: - en script: - Latn affiliation: - organization: name: - content: MITRE Corporation contact: - uri: http://www.mitre.org/ contact: - email: sbarnum@mitre.org role: - type: editor - person: name: given: forename: - content: Desiree language: - en script: - Latn surname: content: Beck language: - en script: - Latn affiliation: - organization: name: - content: MITRE Corporation contact: - uri: http://www.mitre.org/ contact: - email: dbeck@mitre.org role: - type: editor - person: name: given: forename: - content: Aharon language: - en script: - Latn surname: content: Chernin language: - en script: - Latn affiliation: - organization: name: - content: Soltra contact: - uri: http://www.soltra.com/ contact: - email: achernin@soltra.com role: - type: editor - person: name: given: forename: - content: Rich language: - en script: - Latn surname: content: Piazza language: - en script: - Latn affiliation: - organization: name: - content: MITRE Corporation contact: - uri: http://www.mitre.org/ contact: - email: rpiazza@mitre.org role: - type: editor language: - en script: - Latn abstract: - content: The Structured Threat Information Expression (STIX) framework defines nine core constructs and the relationships between them for the purposes of modeling cyber threat information and enabling cyber threat information analysis and sharing.  This specification document defines the Course of Action construct, which conveys specific measures to be taken to address threats whether they are corrective or preventative to address Exploit Targets, or responsive to counter or mitigate the potential impacts of Incidents. language: - en script: - Latn format: text/plain relation: - type: partOf bibitem: formattedref: content: OASIS STIX-v1.2.1-CS01 format: text/plain doctype: type: specification editorialgroup: - name: "OASIS Cyber Threat\r\nIntelligence (CTI) TC" ext: schema-version: v1.0.1 technology_area: - Cybersecurity