About us
The IDMEFv2 Task Force is an international consortium working on the definition of a universal format for incident detection.
The IDMEFv2 format (Incident Detection Message Exchange Format) is a standardised reporting format for incident detection, designed to manage all types of incidents, whether cyber, physical or natural. It facilitates the detection of complex and hybrid attacks on critical infrastructures, allows the supervision of connected and mobile objects, and anticipates cyber and physical convergence. Its interoperability also allows the interconnection of Security Operational Centers (SOCs) and the deployment of “SOC of SOCs” in civilian and defence security architectures. For IDMEFv2, “security” is understood broadly as “Cyber and Physical” CIA (Confidentiality, Integrity and Availability).
The IDMEFv2 format is based on JSON and proposes classes and attributes for a structured description of physical and cyber incidents and intrusions.
The IDMEFv2 format was first described in an official IETF V00 Draft published in 2022. V05 was published in April 2025, and the consortium is now open to external contributions in order to create a community of interest before entering a standards track process at the IETF.
IDMEFv2 information can be found at:
- the IDMEFv2 website: www.idmefv2.org
- the IDMEFv2 mailing list: list.idmefv2.org
- the IDMEFv2 GitHub: www.github.com/IDMEFv2