Date   

Modifications to the Open Project Rules approved by the OASIS Board of Directors

Chet Ensign
 

Open Project PGB members and OASIS members,

At its meeting on June 14, 2022, the OASIS Board of Directors approved updates to the OASIS Open Project Process as well as minor changes to the Committee Operations Process and the Open Repository Guidelines and Procedures. Staff recommended these changes to address issues raised by several projects as well as our own lessons learned. The proposals go into effect immediately.

The specific changes can be seen in the attached red-line copies of these documents. We do not anticipate these to have a significant impact on your ongoing project work.

Briefly:

1. The first (and most important) change can be found in the OP Rules at lines 121 to 137 as a proposed new section 5.7. This change would allow OP PGBs to elect to apply the same quorum, non-voting, and persistent non-voting rules that TCs enjoy to their OP operations. Several PGBs have struggled to achieve regular quorum and make progress. By adopting a Standing Rule, OPs will now be able to gracefully scale down voting and quorum to those who show up and vote regularly. As with TCs, this would not change any other commitments or privileges of Sponsorship.

2. The second change is about Technical Steering Committees (TSC), and can be found in the attached marked OP Rules at lines 70 to 78 and 142 to 152. These changes simply clarify that a project can have multiple TSCs and how TSCs are represented on the PGB.

3. At lines to 242 to 245 (Section 10), we attempt to emphasize that, generally speaking, we don't expect Open Projects to adhere to a lot of rigid formalities; they're entitled to run as a consensus process, without a lot of formal motions, seconding and Roberts Rules behaviors. Related changes on the same topic also are in the OASIS Committee Operations Process at lines 74 to 76 and 162 to 166.

4. In the Open Repository rules, which allow TCs to launch open source projects on the side, we changed the language from a list of applicable open source licenses that would require maintaining to a statement that it is the same as for the Open Project Rules. Lines 53 to 58.

5. Two other minor patches to the OASIS Committee Operations Process were approved, in addition to the "consensus" issue noted above. The first is at lines 136 to 145, where the role and requirements for "standing rules" is slightly clarified. The second is to the informative table of project roles and functions after line 56. These were made to better explain what each role in an Open Project may do.

6. Finally, as general clean-up, small, non-substantive editorial corrections were made at lines 21, 80, 84, 87, and 205 of the OP Rules, and lines 82, 83 and 99 of the OASIS Committee Operations Process.

Again, we do not expect these to have major impacts on your work but, as always, feel free to contact us with any questions.

Best regards,

/chet


Additional information

- Open Project Rules - https://www.oasis-open.org/policies-guidelines/open-projects-process/

- Committee Operations Process - https://www.oasis-open.org/policies-guidelines/oasis-committee-operations-process/

- Open Repository Guidelines and Procedures - https://www.oasis-open.org/policies-guidelines/open-repositories/

--

Chet Ensign

Chief Technical Community Steward

OASIS Open

   
+1 201-341-1393
chet.ensign@...
www.oasis-open.org


re-attack: Request to our OCA endpoint security vendors

Forrest Hare
 

OCA Team,

 

It has been two months since I sent out the below e-mail soliciting support from our end point security members to help with the ontology project.  Unfortunately, the response has not been sufficient for us to be able to make progress on our efforts to ontologically model our use case.  To reiterate, we are looking for some sample data representative of what we would observe in our systems in the case of a spear phishing attack and resultant malware infection.  The sample data/files need to be accompanied by a “decoder ring” of some sorts so that we can understand what the elements in the file represent and then be able to map those to the ontological framework.  See below for more details.

 

We CANNOT proceed without your help.

 

Ian Featherstone has set up a meeting for the Ontology project on Monday afternoon.  We will try to work with whatever we have at that meeting so feel free to bring sample data or questions.

 

Thank you,

Forrest

 

Forrest B. Hare, PhD

Founder

Summit Knowledge Solutions, LLC, SDVOSB

571-419-0084

forrest@...

https://sks.ai

The information contained in this e-mail and any attachments from Summit Knowledge Solutions ("SKS") may contain sensitive and/or proprietary information, and is intended only for the named recipient to whom it was originally addressed. If you are not the intended recipient, any disclosure, distribution, or copying of this e-mail or its attachments is strictly prohibited.   If you have received this e-mail in error, please notify the sender immediately by return e-mail and permanently delete the e-mail and any attachments.

 

 

From: Hare, Forrest B. <Forrest.B.Hare@...>
Sent: Friday, April 8, 2022 3:06 PM
To: 'oca-pgb@...' <oca-pgb@...>
Cc: Featherstone, Ian <Ian.Featherstone@...>; Hare, Forrest B. <Forrest.B.Hare@...>
Subject: Request to our endpoint security vendors

 

OCA Team,

 

We are at a bit of a sticking point in our ontology use case development for the OCA ontology project.  What we could really use right now are some sample files containing some sample data that would be appropriate according to the use case.  These would most likely be something that our end-point security vendors are working with so we are asking for your help specifically.  As a reminder, the full use case is located here:

https://github.com/opencybersecurityalliance/documentation/blob/master/Architecture%20Documents/UseCases.md

 

For the ontology use case however, we are ONLY focusing on the infection and detection stages in the overall use case.  Very specifically, we are modeling the portion from the scenario pasted below at the bottom of this e-mail.

 

With that in mind, we are in need of some representative files that would contain the data that would be passed around in the system as described below.  For example, we would appreciate some sample data that would exemplify the signatures, etc., that would be discovered in the scan.

 

Please DO NOT respond to the distro list if you have questions on the scenario.  Please respond directly to me and Ian.

 

Thank you,

Forrest

 

Scenario details----

 

Of note – but very much going on in the background - as Bob turns on his computer, Bob’s endpoint protection software starts up and checks for any new updates from the software manufacturer. A small set of signatures have been published overnight. Unknown to Bob, the signatures are installed in the background, ensuring that Bob’s computer is protected from the latest known malware attacks. The software also checks in with Bob’s corporate network asking a similar question, “Are there any new blocks we need to know about?” the software asks the corporate library of rules. No new rules are downloaded as no filters, blocks, proxy rules or firewall rules have been created in the last 16 hours.

Our story continues with Bob - He is eager to follow up on a project so he does not notice that the “from” name is "Alice", but it is not displaying as it typically would. He clicks anyways, as he is looking forward to the next step in a project.

Bob opens the e-mail to see “I found this link that I think will help us with our project, talk soon” – followed by a URL.

Of course Bob clicks the link, and this is what we call a phishing – or in the case of a specific user, a focused “spear phishing” attack.

The web site Bob accesses contains a zero-day cyber vulnerability. Bob did not catch it, his e-mail system’s filter did not, and now Bob’s endpoint software has to take over.

The link that Bob clicked opened up a few interesting tidbits, but it did not seem very apropos to Bob and Alice’s project. He ignored the rest of the site, realizing – too late – that this sounded like one of those examples from his security awareness training. “I probably should not have clicked that,” Bob thought. He looked again at the tempting e-mail and saw that while it had Alice’s first name, it did not include a last name. And he hovered his mouse over the URL and realized, “...not a good site... uhoh.”

Bob hasn’t seen anything else strange, he only clicked a link and realized quickly that it was off topic – he closed the screen so fast, at this point Bob’s fears dwell and he goes about his coffee – and his day.

In the background, however, the damage was done in a split second. Bob’s computer saw Bob click a link

·         he initiated it, and Bob’s computer’s policies allow him to install software. The software installed itself and after setting a timer to “go off” in 4 hours, the bad program went dormant.

Malware was installed immediately as Bob clicked the URL – it all happened as the web page loaded.

Bob’s endpoint protection software scanned the new program that was downloaded in the background

·         the software scans all files coming and going on Bob’s computer.

When the new program starts to run, the virus software compares the digital signature, the certificate used to sign it, and the name, size and date on the program to its database of known malware attacks.

The new program does not match the database. The endpoint software flags it as a new, unsafe program.

Many people in Bob’s company are business and mission focused – they are not savvy IT people. Because alerts have created a lot of extra calls and support costs, this security event – unknown software – does not pop up on Bob’s computer.

Instead the endpoint software sends an alert to the corporate logging tools.

 

 

 

Forrest B. Hare, PhD, CISSP

SAIC Fellow

Solution Developer | Cyberspace Operations
571-419-0084 | 
forrest.b.hare@...

saic.com |@SAICinc

SAIC®

https://www.saic.com/jadc2

 

The information contained in this e-mail and any attachments from Science Applications International Corporation ("SAIC") may contain confidential and/or proprietary information, and is intended only for the named recipient to whom it was originally addressed. If you are not the intended recipient, any disclosure, distribution, or copying of this e-mail or its attachments is strictly prohibited.   If you have received this e-mail in error, please notify the sender immediately by return e-mail and permanently delete the e-mail and any attachments.


OCA joins Nonprofit Cyber Coalition

Dee Schur
 

OCA community,

 

We are delighted to announce that the OCA has officially become part of the Nonprofit Cyber Coalition, https://nonprofitcyber.org/nine-new-members-join-nonprofit-cyber-coalition/.  The mission of the OCA is nicely aligned with that of the Nonprofit Cyber, https://nonprofitcyber.org/about/.  We will be engaging the OCA community as we organize opportunities to collaborate with these other organizations.

 

If you are an OCA Sponsor, please take advantage of this announcement and promote via your social channels reinforcing your organization’s commitment to open partnerships that benefit your customers.

 

Regards,

Dee

 

 

Dee Schur

Senior Manager, Development & Advocacy

OASIS Open

 

 

 

+1-941-321-6733

dee.schur@...

www.oasis-open.org/

 

 


OCA community event update -- RSA 2022 and more

Jane Harnad
 

Hi Everyone,

Missed today's OCA marketing meeting? Below is a quick event recap. Please mark your calendars for the next meeting -- Thursday, 9 May at 2:00 PM EST. We have a lot to finalize before RSA 2022. Feel free to reach out with questions. Thanks so much, Jane

Upcoming events:

International Conference on the EU Cybersecurity Act
OCA on the Agenda |  Wednesday, 25 May
OASIS member discount: 20% off the registration pass, use the code 22OASIS20.


Cybersecurity Automation Workshop
PACE, STIX Shifter, and Kestrel Participating  |  2 June
Register to participate or simply observe.

RSA 2022
OCA Breakfast BoF  |  8 June
Contact Jane Harnad if your company has a booth and you'd like to host an OCA presentation on the RSA showfloor.

The FIRST Annual Conference
Possible OCA Booth Option  |  26 June
Contact Jane Harnad if you plan to attend and would be willing to support an OCA booth during the event.

In case you missed a recent event...

NIEM & OASIS Community Update
View video to learn about possible cross-pollination opportunities for OCA.

Kestrel @ SC Media: Automating the Hunt for Advance Threats Summit
View presentation here.


--

Jane Harnad

Manager of Events

OASIS Open

   
+1 703-508-3373
jane.harnad@...
www.oasis-open.org/events


Event: OCA Webinar 'Can ‘best of breed’ security tools be orchestrated?' - Wednesday, March 16, 2022 #cal-invite

oca@lists.oasis-open-projects.org Calendar <noreply@...>
 

OCA Webinar 'Can ‘best of breed’ security tools be orchestrated?'

When:
Wednesday, March 16, 2022
12:00pm to 1:00pm
(UTC-04:00) America/New York

Where:
https://us06web.zoom.us/webinar/register/WN_X8jYHTkaRoCd5uZAiQ0acg

Organizer: Dee Schur dee.schur@... 9413216733

View Event

Description:
Register here, https://us06web.zoom.us/webinar/register/WN_X8jYHTkaRoCd5uZAiQ0acg


OSLC Quality Management Version 2.1 OASIS Standard published

Chet Ensign
 

OASIS Members,

OASIS is pleased to announce the publication of its newest OASIS Standard, approved by the members on 19 January 2022:

OSLC Quality Management Version 2.1
OASIS Standard
19 January 2022

The OSLC (Open Services for Lifecycle Collaboration) initiative applies Linked Data principles, such as those defined in the W3C Linked Data Platform (LDP), to create a cohesive set of specifications that can enable products, services, and other distributed network resources to interoperate successfully.

Quality Management V2.1 defines the OSLC quality management domain, a RESTful web services interface for the management of product, service or software quality artifacts, activities, tasks and relationships between those and related resources such as requirements, defects, change requests or architectural resources. To support these scenarios, this specification defines a set of HTTP-based RESTful interfaces in terms of HTTP methods: GET, POST, PUT and DELETE, HTTP response codes, content type handling and resource formats.

The project received 3 Statements of Use from IBM, KTH Royal Institute of Technology, and SodiusWillert.

URIs:

The OASIS Standard and all related files are available here:

- Part 1: Specification
HTML:
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-spec.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-spec.pdf

- Part 2: Vocabulary
HTML:
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-vocab.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-vocab.pdf

- Part 3: Constraints
HTMLP
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-shapes.html

PDF:
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-shapes.pdf

- Part 4: Machine Readable Vocabulary Terms
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-vocab.ttl

- Part 5: Machine Readable Constraints
https://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/quality-management-shapes.ttl

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

http://docs.oasis-open-projects.org/oslc-op/qm/v2.1/os/qm-v2.1-os.zip

Our congratulations to the members of the OSLC Open Project on achieving this milestone.


--

Chet Ensign

Chief Technical Community Steward

OASIS Open

   
+1 201-341-1393
chet.ensign@...
www.oasis-open.org


Newly released RSAC agenda + OASIS member discount enclosed

Jane Harnad
 

 
Save $850 on your Full Conference Pass and see the newly released agenda.
 
 
 Start exploring the industry’s most comprehensive agenda; with hundreds of sessions tackling the latest cybersecurity challenges and best practices, there’s something for everyone! 
   
 Plus, spring has sprung a little early with new savings. Register by May 6 to save $700* on a Full Conference Pass, plus when you register using code 12UOASISFD you save an additional $150—bringing your total savings to $850. Don’t miss this chance to keep a little extra green in your wallet. 
 
 
VIEW AGENDA
 
COMPARE PASSES
 
 
 *$850 savings is based on the $700 Spring Period savings off the regular Onsite price of a Full Conference Pass, plus your $150 OASIS discount. Cannot be combined with other discounts. The Spring Period ends May 6 at 11:59 PM PT. View Terms & Conditions. 
 
 
 DID YOU KNOW? Registering early not only secures your Spring Period discount, but also lets you choose from the best hotel selection—at RSAC-negotiated rates! 
   
 
REGISTER NOW
 
 
  
  
 CHECK OUT THE BUZZ
FROM OUR PAST ATTENDEES.
Buzz 
   
 
“RSAC has the absolute best and broadest selection of tracks, panels and speakers of any conference in our industry!”
 
#1 security conference of the year. Lots of technical sessions as well as excellent keynotes.”
  
   
 
Connections and information gained from RSAC were irreplaceable.”
 
“Great to collaborate with peers, learn about the latest security products and refuel energy and passion towards your job.”
  
   
Oragami
 
BACK BY POPULAR DEMAND...
 
 
 THE FIVE MOST DANGEROUS NEW ATTACK TECHNIQUES 
 
 
James Lyne
 
James Lyne
Chief Technology Officer
SANS Institute
 
Heather Mahalik
 
Heather Mahalik
DFIR Curriculum Lead and Director of Digital Intelligence
SANS Institute and Cellebrite
 
Katie Nickels
 
Katie Nickels
Certified Instructor and Director of Intelligence
SANS Institute and Red Canary
 
Ed Skoudis
 
Ed Skoudis
President
SANS Technology Institute
 
Johannes Ullrich
 
Johannes Ullrich
Dean of Research
SANS Technology Institute
 
 
 
SEE MORE KEYNOTES
 
REGISTER NOW
Oragami
 
ComputerCAN’T ATTEND IN PERSON?
VIEW OUR DIGITAL PASS.
 
TeamMULTIPLY THE LEARNING
WITH GROUP SAVINGS.
 
MaskIN PERSON ATTENDANCE REQUIREMENTS.
 
 
 
RSA Conference
Stay connected:
LinkedINTwitterYouTubeFacebookInstagram
 
 
 
 © 2022 RSA Security LLC or its affiliates. All rights reserved. RSA Conference logo, RSA, and other trademarks are trademarks of RSA Security LLC or its affiliates. Other trademarks may be trademarks of their respective owners. Legal Notices | Privacy Statement

RSA, 174 Middlesex Turnpike, Bedford, MA 01730
 
 
 


It is time for that bi-annual tsunami we call Daylight Savings Time

Chet Ensign
 

Heads up for any of you scheduling projects with cross-ocean participants, it is that time of year. 

North America goes to Daylight savings time on Sunday, March 13th.  Europe and much of the rest of the world will make the switch on March 27th. 

Much of Asia doesn't bother. Note also that the Middle East shifts on different days. Israel, for example, changes on Friday the 25th while Palestine shifts on Saturday the 26th. 


So, to avoid confusion, have everybody double-check their calendars. 

Or take a two week break and let the dust settle that way. 

Best, 

/chet 

--

Chet Ensign

Chief Technical Community Steward

OASIS Open

   
+1 201-341-1393
chet.ensign@...
www.oasis-open.org


The ballot to consider CC-BY-4.0 as a valid license for OCA repositories has passed

Chet Ensign
 

The ballot to consider the CC-BY-4.0 license (https://creativecommons.org/licenses/by/4.0/legalcode) for use in future OCA repositories has passed.

The vote required a Special Majority. This meant at least 2/3 of the eligible voters had to vote “yes” and no more than 3 (1/4 of the eligible voters) could vote “no”. Yes received 12 votes (11 cast by ballot and 1 cast by email due to a problem using the ballot) and No received 0 votes.

Please contact us with any questions.

Best regards,

/chet

--

Chet Ensign

Chief Technical Community Steward

OASIS Open

   
+1 201-341-1393
chet.ensign@...
www.oasis-open.org


Please join us on 16 March, 12PM EDT for the next OCA webinar

Dee Schur
 

OCA community,

We invite you to register for the next OCA webinar, ‘Can ‘best of breed’ security tools be orchestrated?’  https://bit.ly/3heXbt0 . We are anticipating a quite lively exchange! Please distribute widely to your network. Include @OpenCyberAllnc in your tweets and Open Cybersecurity Alliance in your LinkedIn posts.

 

Apologies in advance for multiple emails to our OCA lists.

 

Best,

dee

 

 

 

Dee Schur

Senior Manager, Development & Advocacy

OASIS Open

 

 

 

+1-941-321-6733

dee.schur@...

www.oasis-open.org/

 

 


IoB WG Meeting tomorrow - mark your calendars

Dee Schur
 

Hi folks,

Please join us for the February Indicators of Behavior monthly meeting tomorrow, 8 February at 1PM ET, https://lists.oasis-open-projects.org/g/oca-iob-wg/calendar.  This meeting is open to all interested parties.

 

Agenda topics:

 

  • Recap on meetings with MITRE Engenuity
  • Strategies on increasing membership
  • Discussion on Indicators of Attack vs Indicator of Behavior
  • General Discussion

 

Need to come up to speed before the next meeting? Have a look at the recorded meeting on YouTube, https://www.youtube.com/watch?v=vkXDu2wIv9I&list=PLGWoM62JSEugl4982u_whEwcTb_eBTOoH

 

As always, let me know if you have any questions.

Regards,

Dee

 

Dee Schur

Senior Manager, Development & Advocacy

OASIS Open

 

 

 

+1-941-321-6733

dee.schur@...

www.oasis-open.org/

 

 


Modifications to the Open Project Rules approved by the OASIS Board of Directors

Chet Ensign
 

Open Project PGB members and OASIS members,

At its January 25, 2022 meeting, the OASIS Board of Directors approved updates to the rules governing OASIS Open Projects (https://www.oasis-open.org/policies-guidelines/open-projects-process/). Staff recommended these changes to address feedback we received from the community and our own lessons learned. The proposals go into effect immediately.

Briefly:

- Sect. 8.1 was revised to enable Project Governing Boards to adopt a standing rule delegating the power to approve and set up of new repositories to their Technical Steering Committee or to designated maintainers. In the case where a repository is being set up with an applicable license that has not been used by the project before, the PGB will be required to approve the repository.

- In Sect 15.2, Creative Commons CC0 license was changed to an implementer-class license and Community Data License Agreement v2 was added to the set of other available licenses to accommodate repositories intended for collections of data.

You can review the specific changes in the attached red-lined PDF file.

Thank you for your ongoing work at OASIS. We appreciate all that you do. As always, feel free to contact us with any questions you have.

/chet

--

Chet Ensign

Chief Technical Community Steward

OASIS Open

   
+1 201-341-1393
chet.ensign@...
www.oasis-open.org


And the winner is...OASIS Awards Ceremony, 19 Jan.

Jane Harnad
 


 
ATTENTION OASIS MEMBERS AROUND THE GLOBE!
 
Join us for our Annual Awards Ceremony on Wednesday, 19 January 2022 as we ring in the New Year supporting our 2021 Open Cup & Distinguished Contributor Award recipients.
 
 
RSVP
 
Distinguished Contributor Award
 
Our "Hall of Fame" award is given to an OASIS member(s) that has made significant contributions to our open standards and open source community. 

Recipients will be announced during the live ceremony.
Open Cup Award
 
The Open Cup is given out in recognition of exceptional advancements within the OASIS technical community.

The 2021 nominees for the two Cup categories are:   
 
Outstanding New Initiative Category
 

Outstanding Approved Standard Category
 
 
Cup winners will be announced during the ceremony. 

Don't miss this opportunity 
to herald and cheer the award winners. The gathering will be held virtually on Wednesday, 19 January 2022 at 11:00 EST (UTC 16:00). RSVP today to receive a link to the livestream.

Missed last year's award ceremony? Video is available on our YouTube Channel.

Do you know someone who should not miss the opportunity to root for one for one of the Finalists?  Share with colleagues and friends!
 
 
 
RSVP
 
 
© 2022 OASIS
 


Welcome VISUA, Prophecy International, and Tenzir to the Open Cybersecurity Alliance

Mary Beth Minto
 

OASIS is pleased to announce three new sponsors of the Open Cybersecurity Alliance Open Project: VISUA, Prophecy International, and Tenzir!

VISUA boasts best-in-class Visual-AI that powers the world’s leading brand protection, authentication and monitoring platforms. Its Visual-AI technology is proven to deliver the highest precision with instant learning, at unlimited scale, and is adaptable for any use case. VISUA delivers best-in-class Visual-AI for brand protection, authentication, and monitoring.

Prophecy International is known internationally for innovative software. Prophecy designs & develops software, and brings it to the world through their global business partner channel in each of their territories – in America, Europe, Middle East, Africa and Asia/Pacific. They have a number of brands, including Snare, eMite, and their legacy brands basis2, Promadis and ProphecyOpen.

Tenzir's mission is to significantly speed up the investigation process after cyber attacks by means of automated analyses. In an IT-world of understaffing, talent shortage, and alert overload, it is a daunting task to keep a large infrastructure secure. Tenzir brings together longstanding expertise in security, software engineering, and data science to develop a solution that extracts meaningful signals from the noise and translates them into actionable insight.

VISUA, Prophecy International, and Tenzir join the other OCA Sponsors whose financial commitment ensures that the project remains open to all technical participants and receives the resources it needs to succeed. If your organization is interested in becoming an OCA Sponsor, or if you'd like to learn more about the Alliance, please contact communications@....


Cancelled Event: OCA Monthly Developer Office Hours - Tuesday, December 21, 2021 #cal-cancelled

oca@lists.oasis-open-projects.org Calendar <noreply@...>
 

Cancelled: OCA Monthly Developer Office Hours

This event has been cancelled.

When:
Tuesday, December 21, 2021
10:00am to 11:00am
(UTC-05:00) America/New York

Where:
https://zoom.us/j/99676071745?pwd=clpteGdLRUhQR1VNSThQK21VMEdPdz09

Organizer: Roseann Guttierrez roseann.guttierrez@...

Description:
Roseann will host a monthly developer office hours about OCA projects and topics/concerns in cyber security!

Hi there,
 
You are invited to a Zoom webinar.
When: Feb 16, 2021 10:00 AM Eastern Time (US and Canada)
     Every month on the Third Tue, 12 occurrence(s)
     Feb 16, 2021 10:00 AM
     Mar 16, 2021 10:00 AM
     Apr 20, 2021 10:00 AM
     May 18, 2021 10:00 AM
     Jun 15, 2021 10:00 AM
     Jul 20, 2021 10:00 AM
     Aug 17, 2021 10:00 AM
     Sep 21, 2021 10:00 AM
     Oct 19, 2021 10:00 AM
     Nov 16, 2021 10:00 AM
     Dec 21, 2021 10:00 AM
     Jan 18, 2022 10:00 AM
     Please download and import the following iCalendar (.ics) files to your calendar system.
     Monthly: https://zoom.us/webinar/tJ0rcO-oqTotHtE8Mu3g-gB6DaC01XbrlSou/ics?icsToken=98tyKuChqDwsGtOUtx2CRox5BI_CM_Twtn5agrd4xDLwUCceZSGgEuNhYuNHEsrc
Topic: OCA Developer Office Hours
 
Please click the link below to join the webinar:
https://zoom.us/j/99676071745?pwd=clpteGdLRUhQR1VNSThQK21VMEdPdz09
Passcode: 230155
Or iPhone one-tap : 
    US: +19292056099,,99676071745#,,,,*230155#  or +13017158592,,99676071745#,,,,*230155# 
Or Telephone:
    Dial(for higher quality, dial a number based on your current location):
        US: +1 929 205 6099  or +1 301 715 8592  or +1 312 626 6799  or +1 669 900 6833  or +1 253 215 8782  or +1 346 248 7799 
Webinar ID: 996 7607 1745
Passcode: 230155
    International numbers available: https://zoom.us/u/abPieGwfbb
 


Request that a mailing list be created for Open Cybersecurity Alliance OP

Chet Ensign
 

Your name:
  Chet Ensign
Project name:
  Open Cybersecurity Alliance OP
Project email address:
  oca@...
Mailing list description:
  The Posture Attribute Collection and Evaluation (PACE) Project will develop reference and/or production-ready code demonstrating posture assessment of computing resources using a communication fabric and multiple payload formats.
Approval:
  https://lists.oasis-open-projects.org/g/oca-pgb/message/431
Notes:
  Per prior email discussion, we would like to set up a mail list for the PACE project. Here’s my best cut at names and addresses that should be included. Hopefully folks like Mike Rosa and Adam Montville and the other folks CC’d here can fill in any I’ve missed.



· Michael Rosa (mjrosa@...)

· David Kemp (d.kemp@... & dk190a@...)

· Adam Montville (Adam.Montville@...)

· Sara Archacki (CIS, I don’t have email address)

· David Lemire (david.lemire@...)

· Jerry Czachor (Jerome.czachor@...)

· Mason Mirarchi (mumarchi@...)

· Duncan Sparrell (duncan@...)

· Mark Mastrengeli (mark_matrangeli@...)

· Manikandan Kenyan e manikandan_kenyan@...

· Dennis Moreau (dmoreau@...)

· (whomever from OASIS should be there)
· Bruce Lavoie

· Jason Kierstead (IBM)

· Russ Warren (Russell.warren@...)


Dave



David Lemire


Your request automatically opens a ticket in the project administrator's JIRA issue tracker. To see the current queue of support tickets and find yours, click here.


Call for speakers is open -- cybersecurity conferences in Europe

Jane Harnad
 

The call for speakers is open for two cybersecurity conferences. Anyone interested in attending and/or helping us submit a proposal? 

EU Cybersecurity Act (EUCA) Conference
8-9 March
Brussels, Belgium
https://eucyberact.org/were-looking-for-great-speakers/
CFP Deadline: 16 November

The FIRST.org Conference
26 June- 1 July
Dublin, Ireland
https://www.first.org/conference/2022/cfs
CFP Deadline: 9 December
 
Contact me if you're planning to attend and/or if you'd like to help us submit a proposal. 

Regards, Jane

--

Jane Harnad

Manager of Events

OASIS Open

   
+1 703-508-3373
jane.harnad@...
www.oasis-open.org/events


Cancelled Event: OCA Monthly Marketing Group Meeting #cal-cancelled

oca@lists.oasis-open-projects.org Calendar <noreply@...>
 

Cancelled: OCA Monthly Marketing Group Meeting

This event has been cancelled.

When:
Thursday, April 1, 2021
2:00pm to 3:00pm
(UTC-04:00) America/New York
Repeats: Monthly on the first Thursday

Where:
Zoom call

Organizer: Jane Harnad jane.harnad@...

Description:

OASIS Zoom Team is inviting you to a scheduled Zoom meeting.

 Please download and import the following iCalendar (.ics) files to your calendar system.

Monthly: https://zoom.us/meeting/tJErf-yrqjkvG9cV09WIyA0PyLOYOPsnIpfP/ics?icsToken=98tyKuCtqDMvGdCXtRiERowMBIqgZ-nwiHpYjfpeqk-8NAlKQ1PGL85tC51PA9b5

 

Join Zoom Meeting

https://zoom.us/j/95685342513?pwd=MkhSNVN3MUFUYzhnTVloRlRGWXNDQT09

Meeting ID: 956 8534 2513

Passcode: 275636

 

One tap mobile

+13017158592,,95685342513#,,,,*275636# US (Washington D.C)

+13126266799,,95685342513#,,,,*275636# US (Chicago)

 

Dial by your location

+1 301 715 8592 US (Washington D.C)

+1 312 626 6799 US (Chicago)

+1 929 205 6099 US (New York)

+1 253 215 8782 US (Tacoma)

+1 346 248 7799 US (Houston)

+1 669 900 6833 US (San Jose)

 

Meeting ID: 956 8534 2513

Passcode: 275636

 

Find your local number: https://zoom.us/u/acc1GHU8ED


OCA happenings

Dee Schur
 

If you’d like to stay current with all the great OCA updates, watch these spaces: https://opencybersecurityalliance.org/posts/ and https://twitter.com/OpenCyberAllnc.

 

Regards,

dee

 

 

Dee Schur

Senior Manager, Development & Advocacy

OASIS Open

 

 

 

+1-941-321-6733

dee.schur@...

www.oasis-open.org/

 

 


Free admission to Cyber Security Summit, Wed., 13 Oct

Jane Harnad
 

OASIS Open is proud to partner with the Official Cyber Security Summit Series  again this year. 

The next summit will be held on Wednesday, October 13th.

 

We hope you can join us to learn about the latest cyber security threats facing your company, best cyber hygiene practices, solutions to protect against a cyberattack, and much more – all from the comfort and safety of your home/office.

 

Admission is usually $95, but we have secured Exclusive FREE Admission for our members!

 

To secure your free pass, register with code OASISOPENVIP

 at https://CyberSecuritySummit.com/summit/Scottsdale21

 
You can earn up to 8 Continuing Education Credits by attending the day in total!

 

The Director of Operations of The NSA, Red Team, will be leading a Security Keynote – “Looking Through the Eyes of the Cyber Attacker” - Exclusively at the Cyber Security Summit!

 

You are welcome to share this invitation with your IT Security Team and other Senior Level colleagues who would benefit from attending this event.

Please note: Admission is for C-Suite/Senior Level Executives, Directors, Managers, and other IT/Cyber Practitioners and Business Leaders. Those in Sales / Marketing and Students are not permitted.

 

We encourage you to attend this invitation-only event, rated Top 50 InfoSec Conference to Attend Worldwide!

 

For event details, visit https://CyberSecuritySummit.com/summit/Scottsdale21

 

If you would like to exhibit or speak at a future Cyber Security Summit, I'd be happy to connect you with the organizers or you can contact Megan Hutton directly at MHutton@....

 

Regards, Jane

 


--

Jane Harnad

Manager of Events

OASIS Open

   
+1 703-508-3373
jane.harnad@...
www.oasis-open.org/events

1 - 20 of 63