OCA Proposal - Next Steps ACTION REQUIRED


Jason Keirstead
 

Thank you to all who attended the PGB meeting today.

In the meeting, one of the agenda topics was the discussion of the OCA proposal (located here https://hackmd.io/e-mX-WTbRXacSrroJLHGDA?both). David also shared some slides where he went over the project, which are going to be shared to the OCA mailing list.

The consensus on the call was that the spirit of the proposal is something we support; however, we also recognize there are a few tweaks that probably need to be made before it goes to a ballot.


We request that all PGB members please review the proposal and log any comments in the document by next Friday, March 10th. At that point we can work with David to finalize the proposal in order to move forward with a vote, with the hope that we can have this project onboarded before RSAC.

For anyone unfamiliar with the HackMD tool, here is a screenshot of how you leave a comment.






-
Jason Keirstead
Distinguished Engineer, CTO - IBM Security Threat Management |
www.ibm.com/security

 

Assistant - Mauricio Durán Cambronero (mauduran@...)

Co-Chair - Open Cybersecurity Alliance, Project Governing Board

www.opencybersecurityalliance.org

 


David Bizeul
 

Hello everybody and thank you for welcoming us as an OCA sponsor!
Here are the slides I presented yesterday to illustrate better what would/could be the scope and results of the project.
Best regards


David Bizeul
 

Hi everyone,

Jason asked for already engaged initiatives that could illustrate some actions of OXA.
Even if we do not currently work with all related OASIS standards, links below are public repositories and could serve as examples or even as first steps.

- On the ingestion of events (from proprietary format to ECS format): https://github.com/SEKOIA-IO/intake-formats

- On the orchestration part (CACAO-like playbooks): https://github.com/SEKOIA-IO/Community/tree/main/playbooks

- On the automation part (a limited library that could be mapped with OpenC2): https://github.com/SEKOIA-IO/automation-library

These are some kinds of repositories that OXA could/should propose, in addition to the other aspects we discussed.

Related to CTI dissemination according to a tech profile, this is something that can be done with a feed such as this one to disseminate a central CTI into my network security components (illustration below, just to explain this is possible):
image.png

Best regards



On Fri, Mar 3, 2023 at 06:51, David Bizeul <david.bizeul@...> wrote:
Hello everybody and thank you for welcoming us as an OCA sponsor!
Here are the slides I presented yesterday to illustrate better what would/could be the scope and results of the project.
Best regards