An Application for Graphically Representing Cybersecurity Operations Playbooks: the CACAO use case

Cybersecurity playbook is a term that refers to a documented process for cybersecurity aimed to be reusable and repeatable. For instance, a playbook could describe an incident-handling process, such as a specific set of activities that could be performed to mitigate a particular ransomware.

In the context of this work, we focus on OASIS CACAO, a standards-based work that defines a common schema for cybersecurity playbooks, allowing defenders to exchange their cybersecurity operations tradecraft in an interoperable and consistent manner. 

Aim of the project: develop a (web) application for graphically authoring, representing, and designing Collaborative Automated Course of Action Operations (CACAO) Playbooks, i.e. CACAO Security Playbooks.

Emneord: playbooks, cybersecurity playbooks, workflows, orchestration, cybersecurity automation
Publisert 29. okt. 2022 20:16 - Sist endret 29. okt. 2022 20:22

Omfang (studiepoeng)

60