IACD Updates Archive
NEW VIDEO: BEYOND INDICATOR SHARING
To improve information sharing, the cyber defense community needs to move beyond indicator sharing focused on detections of individual attacks, towards the sharing of machine-readable descriptions of attacker behaviors that span multiple attacks, as described in the following video.
NEW VIDEO: SECURING AUTOMATION WITH API GATEWAYS
SOAR workflows routinely use Application Programming Interfaces (APIs) to interact with the various security tools required for cyber defense. Securing these API calls is critical. IACD has researched how API gateways can enhance the security of these calls and provides a video to help the community leverage this research.
UPCOMING EVENT: MOSAICS INDUSTRY DAY
The More Situational Awareness for Industrial Control Systems (MOSAICS) team has been working to apply SOAR to the DOD ICS environment and capture some of the lessons learned for defending critical infrastructure. The MOSAICS team will be hosting virtual Industry Days on November 4th and 5th.
JOIN OUR TECHNICAL COMMUNITY FOR SOAR APPLICATIONS (NOVEMBER 2020)
We are seeking to include new members in our Technical Community. Members will provide technical input on the draft Protection Profile for Security Orchestration, Automation, and Response (SOAR) Applications during two upcoming public comment periods. The comment periods are anticipated to begin in November 2020. To learn more, contact icd@iacdautomate.org.
When a site your organization needs to access gets hacked, how long do you block it? We can use a common definition of confidence for cyber threat intelligence IOCs to know when sites we need may be safe again.
A standardized definition of threat intelligence confidence would enable the community to review indicators of compromise (IOCs) to determine whether or not they are actively malicious. These insights can help improve our overall ability to take action.
A Conversational Journal for Cybersecurity Automation: some of the conversational topics include Artificial Intelligence, Business, Community, Ecosystem, and Operations. Check out what the community has to share, subscribe for updates, and submit your own contributions! For questions, email us at icd@iacdautomate.org.
In the last year and a half, the market has changed drastically and organizations have made the commitment to automation in cyber operations. There are now many operational deployments with organizations willing to share lessons learned with their peers. Based on discussions with our members and partners, we have determined that the IACD community no longer requires a unique 2-day event hosted at JHU/APL in the future. As part of this transition, we are making available a new logo to represent IACD community members. Members of the IACD community can download and use this logo when discussing IACD in the future.