This page is a companion page to Demo Use Cases. It contains a brief summary of the project involved, how it fits into the use case, and provices links to supporting information (e.g. STIX bundles, CACAO playbooks, OpenC2 commands, ...) and to the organizations interworking with them in sweat equity.
They are listed ordered by amount of sweat equity, evaluated subjectively using:
N = (3*X) + (2*Y) + Z
where:
- X = number of organizations providing working software machine-to-machine API's using this technology. For example sFractal's TwinklyMaHa interfaces MQTT/OpenC2 with the DKI MQTT broker which in turn interfaces MQTT/OpenC2 with the HII OIF project. These interfaces can be used to demo OpenC2 use in the Day 1,2,3,4 use cases. This would result in X=3 (sFractal, HII, NSA).
- Y = similar to X, but instead of machine-to-machine, there is human-to-machine interface. For example, certain vendors may demo products that don't have standard interfaces but can show value to the use case by allowing village participants to use the human interface to their technology
- Z = similar to X but hand-waving lycan is involved
OpenC2 is a standardized language for the command and control of technologies that provide or support cyber defenses. By providing a common language for machine-to-machine communication, OpenC2 is vendor and application agnostic, enabling interoperability across a range of cyber security tools and applications. The use of standardized interfaces and protocols enables interoperability of different tools, regardless of the vendor that developed them, the language they are written in or the function they are designed to fulfill.
For more info, see https://openc2.org/
- X = 3 (HII/NSA, IBM, sFractal)
- Y = 0
- Z = 0
- N = 9
OpenC2 commands were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
Kestrel is an Open Cybersecurity Alliance subproject developing a threat hunting language which provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt
- X = 2 (HII/NSA, IBM)
- Y = 0
- Z = 0
- N = 6
Kestrel hunt books were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
PACE ....
- X = 2 (HII/NSA, sFractal)
- Y = 0
- Z = 0
- N = 6
PACE were used in the Demo Use Case: PACE systems were used:
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
CACAO ....
- X = 0
- Y = 1 (Cydarm)
- Z = 1 (sFractal)
- N = 3
CACAO playbooks were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
CSAF ....
- X = 1 (sFractal)
- Y = 0
- Z = 0
- N = 3
CSAF were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
SBOM ....
- X = 1 (sFractal)
- Y = 0
- Z = 0
- N = 3
SBOMs were used in the Demo Use Case:
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
STIX Shifter ....
- X = 1 (IBM)
- Y = 0
- Z = 0
- N = 3
STIX Shifter was used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
VEX ....
- X = 1 (sFractal)
- Y = 0
- Z = 0
- N = 3
VEXs were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
IoB ....
- X = 1 (JHU/APL)
- Y = 0
- Z = 0
- N = 3
XXX were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
- Day 5 by law enforecement
- add text here explaining how used, link to sweat equity and supporting files
- Day 6 by the military
- add text here explaining how used, link to sweat equity and supporting files
NIEMOpen ....
- X = 0
- Y = 0
- Z = 1 (sFractal)
- N = 1
NIEMOpen was used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP and law enforcement
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings and law enforcement
- add text here explaining how used, link to sweat equity and supporting files
- Day 5 by law enforcement and the courts
- add text here explaining how used, link to sweat equity and supporting files
- Day 6 by the military
- add text here explaining how used, link to sweat equity and supporting files
TAC ....
- X = 0
- Y = 0
- Z = 0
- N = 0
TAC were used in the Demo Use Case:
- Day 1 by Murphy’s Law LLP
- add text here explaining how used, link to sweat equity and supporting files
- Day 2 by On Deck Holdings
- add text here explaining how used, link to sweat equity and supporting files
- Day 3 by Triumvirate CleanUp
- add text here explaining how used, link to sweat equity and supporting files
- Day 4 by NSAANSA
- add text here explaining how used, link to sweat equity and supporting files
- Day 5 by law enforecement
- add text here explaining how used, link to sweat equity and supporting files
- Day 6 by the military
- add text here explaining how used, link to sweat equity and supporting files
OXA ....
- X = 0
- Y = 0
- Z = 0
- N = 0
OXA were used in the Demo Use Case:
- none yet, need to add, probably in PACE security posture details
SpydeRisk ....
- X = 0
- Y = 0
- Z = 0
- N = 0
SpydeRisk was used in the Demo Use Case:
- none yet, need to add, probably in PACE security posture details
OHDF ....
- X = 0
- Y = 0
- Z = 0
- N = 0
OHDF were used in the Demo Use Case:
- none yet, need to add, probably in PACE security posture details
VSMI ....
- X = 0
- Y = 0
- Z = 0
- N = 0
VSMI were used in the Demo Use Case:
- none yet, need to add, probably in PACE security posture details
SARIF ....
- X = 0
- Y = 0
- Z = 0
- N = 0
SARIF were used in the Demo Use Case:
- none yet, need to add, probably in PACE security posture details