Only Seeing Stars: Enabling the Open Source Scripting Community with OCSF скачать в хорошем качестве

Only Seeing Stars: Enabling the Open Source Scripting Community with OCSF

Michael Bunner (REI, US) I have worked in IT for telecommunications, forestry, healthcare, retail and then 12 years in critical infrastructure where I built and lead Network Operations Center and Infrastructure Observability teams. Automation has always been part of every role I've ever had, ultimately performing it full-time on an "Automation Factory" where my favorite use-cases were cybersecurity. Security automation is not easy, or always obvious, but was the most rewarding. Automation is not just about doing things faster or more often, but how we can shift our focus to more meaningful work only humans can do. Mike Bunner lives in Seattle, WA, USA and currently works as a Senior Security Automation Engineer at a large outdoor retailer. When he's not automating, you'll find him skiing year-round on one of the regions many volcanoes. -- Do you have more starred repos than you have time to think about? Are you a script or content builder seeing friction with integration and adoption of your work?Community software is innovative, responds quickly to emerging issues and is immediately accessible. But it's extremely disparate and operates ad-hoc. SOAR attempts to solve this with closed ecosystems, but at the cost of vendor lock-in.In this presentation we will demonstrate how we as script builders, implementers and data providers can build a more cohesive open source ecosystem with the adoption of Open Cybersecurity Schema Framework (OCSF) and Elastic Common Schema (ECS).Adoption of a standard schema brings your work into a predictable ecosystem and production readiness. Standards allow us to chain our tooling with less integration overhead, increasing the likelihood of seeing our tools put into production.See how a single object in OCSF can enable automation across threat hunting, EDR, software removal, email gateways, firewalls, and 3rd party registries.