Upload File

fs-isac security automation working group...

  • Home
  • Documents
  • FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input
9
16-May-14 Structured Cyber Intelligence Sharing FS-ISAC Security Automation Working Group (SAWG) May 15, 2014 David Eilken, SAWG PM

Upload: others

Post on 28-Sep-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

16-May-14 Structured Cyber Intelligence Sharing FS-ISAC Security Automation Working Group (SAWG) May 15, 2014 David Eilken, SAWG PM

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 2: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

TOPICS

• SAWG Vision - An Intelligence Network

• STIX Standard – Not Just IOCs

• Mitre’s Vision of a Standards Based Security Lifecycle

• Intelligence Aggregation Layers – Filtering Down to Action

• SAWG 2014 Roadmap

• Internal Member Integration

• SAWG Profile

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 3: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

SAWG – SECURITY AUTOMATION WORKING GROUP

Vision – One Organization’s Incident is Everyone’s Defense

Community Repository

ISAC

Organization Attacked

Community Repository

Enterprise Repository

Trusted Organizations

Protected

Automated Defense

FS-ISAC

Extended Trusted Organizations Protected

Enterprise Repository

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
http://www.aetnamedicare.com/
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
http://www.google.com/url?sa=i&rct=j&q=monitor icon&source=images&cd=&cad=rja&docid=4So9fMfCM8opXM&tbnid=loxlQCzmSUWXbM:&ved=0CAUQjRw&url=http://www.veryicon.com/icons/system/nx10/monitor-7.html&ei=iE_nUb3bOsf_4APQzIGwCA&bvm=bv.49478099,d.dmg&psig=AFQjCNHbqAhla2rGtaZ8BOUg4GVBJ7DWqA&ust=1374200064724240
https://www.usbank.com/
Page 4: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

STIX – STRUCTURED THREAT INTELLIGENCE EXPRESSION

Eight Constructs – Verbose Expression of Bad Things, Bad Events, and Bad People

Strategic “Higher Level Constructs”

Operational / Tactical Constructs

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 5: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

CYBER SECURITY MEASUREMENT AND MANAGEMENT ARCHITECTURE

Source: MITRE

Threat Analysis is Just the Beginning

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 6: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

INDUSTRY THREAT FUNNEL – FROM DATA TO ACTIONABLE INFORMATION

Operational Intelligence

Strategic Intelligence

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 7: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

SAWG ROADMAP

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 8: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

CONNECTING TO THE COMMUNITY – AN INTERNAL VIEW

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository
Page 9: FS-ISAC Security Automation Working Group (SAWG)making-security-measurable.1364806.n2.nabble.com... · 2020. 8. 17. · SAWG Membership as of May 2014 285 Members Providing Input

Visit www.fsisac.com/CyberIntelligenceRepository for more info

FS-ISAC SECURITY AUTOMATION WORKING GROUP

SAWG

Membership as of May 2014

285 Members Providing Input/ Requirements

125 Individual FS-ISAC Member Institutions

Avalanche Pilot Program

30 Participants Contributing to Technology Development

2015 Q1 – Avalanche Release Date to other ISACs

SAWG Positioning Statement Develop a local threat repository of structured/ relational intelligence that can be communicated machine-to-machine between intel providers, security tools, and broader ISAC community • - Help achieve critical mass adoption of STIX/ TAXII threat standards • - Influence security market to create open/ interoperable tools based on standards • - Ultimately drive down costs of tools and intelligence, while expanding accessibility

to smaller ISAC member institutions

https://www.fsisac.com/
https://www.fsisac.com/CyberIntelligenceRepository

Solution Architects Working Group (SAWG)

Southern SAWG - Basic Organic Soil Management

Southern SAWG--Building soil organically: how and why organic management works

Southern SAWG Equipment 2015

TurningTalk - SAWG...DavidJones 2995110 /Webmaster IanConnelly 2961312 CaroleKnowles 092336682 TerryScott 2977051 DickVeitch 2985775 WednesdayNights7:00pm (Doorsopen5:00pm) PapatoetoeCommunityCentre,

Safety Data Sheet 1907/2006/EC - REACH (GB) SAWG 10 90

Southern SAWG Getting Started in Producing and Marketing Sheep

Southern sawg healthy animals small spaces

Discovering Invisible Electronic Tampering - Nabblestop-the-star-program.3084.x6.nabble.com/.../Drew_Tech_PPT.pdf · engineering, end of line, car dealerships, and repair shop

Southern SAWG- Grub youth program

Southern sawg mycorrhizal fungi 2014

Southern SAWG, What is urban farming, 2014

Ship General Arrangement Plansship-general-arrangement-plans.41570.n7.nabble.com/file/...Created Date 7/3/2008 10:17:40 AM

Southern SAWG - Weed Management

TSUNAMI HAZARD TO Hawaii from a M9+ Event similar to 2004 Indian Ocean Tsunami SAWG SAWG Hawaii Civil Defense 11/2007

Southern SAWG 2014 - Is Your Farm Ready For Weather Extremes? Best Practices For Managing Climate Changes on Your Farm

Welcome to the January 2016 SAWG meeting, which will ......Welcome to the January 2016 SAWG meeting, which will focus on economic development and socioeconomic conditions. This is

SAWG Presentation Traffic and Transit - New NY Bridge

Rational Application Developer and - Nabblemaven.40175.n5.nabble.com/file/n5601870/RAD_m2e.pdf · Rational Application Developer traditionally stores project information in a variety

ERCOT PUBLIC 10/28/2015 1 2016 Long-Term Load Forecast Calvin Opheim ERCOT Manager, Forecasting & Analysis SAWG October 28, 2015

Southern SAWG - Food Hub Lessons: Early Decisions

Safety Data Sheet 1907/2006/EC - REACH (GB) SAWG 10 90 ... · 1.1 Product identifier SAWG 10 90 2615 hydraulic fluid Article number 10 90 2615 1.2 Relevant identified uses of the

Software Architecture - Seleniumselenium.10932.n7.nabble.com/attachment/45610/0/Selenium Archit… · Software Architecture Lab 1 Selenium WebDriver Group 7 14.12.2014 Continuous

Southern SAWG - Food Hub Financing

Southern SAWG - Appalachian Sustainable Development Food Hub

Southern sawg producing and using biodynamic compost

Configuring Database Security Store for an Oracle …erman-arslan-s-oracle-forum.2340467.n4.nabble.com/file/n... · Web view2017/03/01  · Mar 01, 2017 11:56:25 AM oracle.security.jps.internal.audit.AuditServiceImpl

April 2016 - Southern Arizona Watercolor Guild (SAWG) · 2016-03-29 · tchbook NEXT GENERAL MEETING MONDAY-APRIL 11th SOCIAL - 6:30pm SAWG GALLERY TABLE OF CONTENTS www. southernazwatercolorguild.com

XASTRO-2 Overview Presentation CCSDS SAWG Athens Meeting 12 th April 2005

Southern SAWG-Planning the Planting of Cover Crops and Cash Crops

Southern SAWG- convergence presentation

Southern SAWG-Start-up Organic Vegetable Production

Southern SAWG Cover Crops 2015

Southern SAWG 2013--Artisanal Farm Products

ORDC Options Analysis SAWG Market Analysis 12/16/2015