OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Secu

  • 1.  Example Playbook

    Posted 10-14-2019 19:35
    All,

    In order to help us have concrete discussions and ensure that we are designing things that will work, I would encourage people to add a real example in the Use Cases document. To this end I have started fleshing out a malware cleanup playbook. You can find it here: https://docs.google.com/document/d/19JxhZ-rzJTm2AknJL3YnrVRr4L_TFGnszlHoCDWqiWc/edit#heading=h.4iz8u0rgxtuh

    Please feel free to add to it, expand it, clean it up, etc. You will also see that I am trying to figure out what the JSON structure would look like to capture this information. You will find it below the text for the playbook. It is very much a super early work in progress. Please feel free to add, change, or expand. If you have a totally different idea for how to do it, please add your solution below it. We are just trying to get people thinking and designing. I call this the "throwing spaghetti at the wall and seeing what sticks" phase.

    Bret