OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Secu


Enrichment Playbook proposed text

  • 1.  Enrichment Playbook proposed text

    Posted 01-25-2022 14:48
    Bret:

    Attached is a Word document with my proposed text for the Enrichment Playbook. I've also pasted the text below.

    2.2.8 Enrichment Playbook

    A playbook that is primarily focused on the orchestration steps required to establish and maintain application interfaces (APIs) with threat intelligence platforms (TIPs) and other devices used in computer networks for cyber threat detection and hunting. Enrichment is used as a way to add related cyber observables to a threat intelligence feed and to map these observables to potential threat activity. By using Enrichment Playbooks, network security operators can map data from their own logs to information shared from open sources and trust communities that has been flagged as potentially malicious.

    --
    **********************************
    R. Jane Ginn, MSIA, MRP
    OASIS, CTI TC Co-Secretary
    OASIS, TAC TC Secretary
    jg@ctin.us
    **********************************

    Attachment: EnrichmentPlaybookText.docx
    Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document
