SlideShare a Scribd company logo

IEEE-CSR-DS4CS-Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks.pdf

V
Vasileios Mavroeidis

As cyber systems become increasingly complex and cybersecurity threats become more prominent, defenders must prepare, coordinate, automate, document, and share their response methodologies to the extent possible. The CACAO standard was developed to satisfy the above requirements providing a common machine-readable framework and schema to document cybersecurity operations processes, including defensive tradecraft and tactics, techniques, and procedures. Although this approach is compelling, a remaining limitation is that CACAO provides no native modeling notation for graphically representing playbooks, which is crucial for simplifying their creation, modification, and understanding. In contrast, the industry is familiar with BPMN, a standards-based modeling notation for business processes that has also found its place in representing cybersecurity processes. This research examines BPMN and CACAO and explores the feasibility of using the BPMN modeling notation to graphically represent CACAO security playbooks. The results indicate that mapping CACAO and BPMN is attainable at an abstract level; however, conversion from one encoding to another introduces a degree of complexity due to the multiple ways CACAO constructs can be represented in BPMN and the extensions required in BPMN to fully support CACAO.

Presentations & Public Speaking
1 of 13
Download to read offline
Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks Authors: Mateusz Zych, Vasileios Mavroeidis, Konstantinos Fysarakis, Manos Athanatos Cyentific AS Projects supported this research:
Ph.D. Research Fellow Mateusz Zych Cyentific AS Present Status of Cybersecurity ● Increasing and more sophisticated cyber attacks ● Asynchronous time advantage between adversaries and defenders ● Defenders must prepare, coordinate, automate, document and share their response methodologies ● EU: NIS Legislation (Network and Information Security) ● Collaborative Automated Course of Action Operations (CACAO) 2 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Collaborative Automated Course of Action Operations (CACAO) ● Schema and taxonomy for cybersecurity playbooks ● Machine-readable ● Vendor-agnostic ● Maintained by the OASIS CACAO TC ● Early adoption 3 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Problem Statement/The Need ● CACAO: ○ New OASIS standard (upcoming) ○ Early adoption ○ No tools ○ No modeling notation ○ Challenging to work with 4 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Our Aim ● Examine the use of BPMN modeling notation as a candidate to graphically represent CACAO playbooks ● Provide a high-level construct mapping between CACAO and BPMN. 5 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Business Process Model Notation (BPMN) ● Maintained by Object Management Group (OMG) ● Published in 2011, ISO/IEC 19510 since 2013 ● Mature ● Support different levels of abstraction ● Rich set of graphical elements ● Wide range of tools and platforms. ● Also used for cybersecurity purposes 6 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS 7 of 13 CACAO-BPMN Mapping
Ph.D. Research Fellow Mateusz Zych Cyentific AS Use case 8 of 13 Template playbook in any format CACAO JSON BPMN Visualization Create Translate
Ph.D. Research Fellow Mateusz Zych Cyentific AS Use Case: Vulnerability Response Process (CISA) 9 of 13 CISA template playbook CACAO JSON BPMN (+ BPMN XML) https://github.com/cyentific-rni/bpmn-cacao
Ph.D. Research Fellow Mateusz Zych Cyentific AS Limitations ● Troublesome 1-1 mapping, however attainable ● Some CACAO construct can be modeled in several ways in BPMN ● BPMN Sub-Processes solves few problems but introduces complexity ● User need to be restricted to utilize 1-1 translator 10 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Further Work ● One-to-one mapping (in progress) ● BPMN extensions to support all metadata (finishing) ● Translator: CACAO->BPMN and BPMN->CACAO ○ Lossless conversion 11 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Conclusion ● Presented and analyzed the mapping ● Validated the feasibility of using BPMN to graphically represent CACAO ● Great value for defenders ○ Decreased time needed for working and understanding CACAO playbooks. 12 of 13
Ph.D. Research Fellow Mateusz Zych Cyentific AS Thank you for your attention Questions? 13 of 13 Get in touch! Linkedin

Recommended

The Future of DevSecOps
The Future of DevSecOpsThe Future of DevSecOps
The Future of DevSecOpsStefan Streichsbier
 
About an Immune System Understanding for Cloud-native Applications - Biology ...
About an Immune System Understanding for Cloud-native Applications - Biology ...About an Immune System Understanding for Cloud-native Applications - Biology ...
About an Immune System Understanding for Cloud-native Applications - Biology ...Nane Kratzke
 
An Application-Oriented Approach for Computer Security Education
An Application-Oriented Approach for Computer Security EducationAn Application-Oriented Approach for Computer Security Education
An Application-Oriented Approach for Computer Security EducationXiao Qin
 
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPTrends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPChristian Esteve Rothenberg
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
 
presentation_ECMLPKDD16_Concept_v1
presentation_ECMLPKDD16_Concept_v1presentation_ECMLPKDD16_Concept_v1
presentation_ECMLPKDD16_Concept_v1Luís Moreira-Matias
 
Approximating Attack Surfaces with Stack Traces [ICSE 15]
Approximating Attack Surfaces with Stack Traces [ICSE 15]Approximating Attack Surfaces with Stack Traces [ICSE 15]
Approximating Attack Surfaces with Stack Traces [ICSE 15]Chris Theisen
 
Trustworthy Computational Science: Lessons Learned and Next Steps
Trustworthy Computational Science: Lessons Learned and Next StepsTrustworthy Computational Science: Lessons Learned and Next Steps
Trustworthy Computational Science: Lessons Learned and Next StepsVon Welch
 

Recommended

The Future of DevSecOps
The Future of DevSecOpsThe Future of DevSecOps
The Future of DevSecOpsStefan Streichsbier
 
About an Immune System Understanding for Cloud-native Applications - Biology ...
About an Immune System Understanding for Cloud-native Applications - Biology ...About an Immune System Understanding for Cloud-native Applications - Biology ...
About an Immune System Understanding for Cloud-native Applications - Biology ...Nane Kratzke
 
An Application-Oriented Approach for Computer Security Education
An Application-Oriented Approach for Computer Security EducationAn Application-Oriented Approach for Computer Security Education
An Application-Oriented Approach for Computer Security EducationXiao Qin
 
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPTrends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMP
Trends and Hot Topics in Networking 2023 - IA377 Seminar FEEC-UNICAMPChristian Esteve Rothenberg
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Amélie Gyrard
 
presentation_ECMLPKDD16_Concept_v1
presentation_ECMLPKDD16_Concept_v1presentation_ECMLPKDD16_Concept_v1
presentation_ECMLPKDD16_Concept_v1Luís Moreira-Matias
 
Approximating Attack Surfaces with Stack Traces [ICSE 15]
Approximating Attack Surfaces with Stack Traces [ICSE 15]Approximating Attack Surfaces with Stack Traces [ICSE 15]
Approximating Attack Surfaces with Stack Traces [ICSE 15]Chris Theisen
 
Trustworthy Computational Science: Lessons Learned and Next Steps
Trustworthy Computational Science: Lessons Learned and Next StepsTrustworthy Computational Science: Lessons Learned and Next Steps
Trustworthy Computational Science: Lessons Learned and Next StepsVon Welch
 
Resume
ResumeResume
ResumeArvind Raghuwanshi
 
Microcontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en CMicrocontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en CSANTIAGO PABLO ALBERTO
 
PyConPL 2017 - with python: security
PyConPL 2017 - with python: securityPyConPL 2017 - with python: security
PyConPL 2017 - with python: securityPiotr Dyba
 
Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018Jaroslaw Szymczak
 
Software engineering project(srs)!!
Software engineering project(srs)!!Software engineering project(srs)!!
Software engineering project(srs)!!sourav verma
 
Kallio Chipster Bosc2009
Kallio Chipster Bosc2009Kallio Chipster Bosc2009
Kallio Chipster Bosc2009bosc
 
Agile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian SussmannAgile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian SussmannDevDay.org
 
How npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyoneHow npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyoneDaniel Sauble
 
Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18DataconomyGmbH
 
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLXDN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLXDataconomy Media
 
202212APSEC.pptx.pdf
202212APSEC.pptx.pdf202212APSEC.pptx.pdf
202212APSEC.pptx.pdfHiroshi Maruyama
 
Samsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of PythonSamsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of PythonInsuk (Chris) Cho
 
Agile Secure Development
Agile Secure DevelopmentAgile Secure Development
Agile Secure DevelopmentBosnia Agile
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuNixu Corporation
 
OpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design SolutionsOpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design SolutionsShane Gibson
 
Se research update
Se research updateSe research update
Se research updateNacha Chondamrongkul
 
cv-2016-23
cv-2016-23cv-2016-23
cv-2016-23Sergei Vorobyov
 
praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).akashganathay
 
Anurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStackAnurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStackShapeBlue
 
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...NECST Lab @ Politecnico di Milano
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfakankshagupta7348026
 

More Related Content

Similar to IEEE-CSR-DS4CS-Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks.pdf

Microcontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en CMicrocontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en CSANTIAGO PABLO ALBERTO
 
PyConPL 2017 - with python: security
PyConPL 2017 - with python: securityPyConPL 2017 - with python: security
PyConPL 2017 - with python: securityPiotr Dyba
 
Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018Jaroslaw Szymczak
 
Software engineering project(srs)!!
Software engineering project(srs)!!Software engineering project(srs)!!
Software engineering project(srs)!!sourav verma
 
Kallio Chipster Bosc2009
Kallio Chipster Bosc2009Kallio Chipster Bosc2009
Kallio Chipster Bosc2009bosc
 
Agile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian SussmannAgile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian SussmannDevDay.org
 
How npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyoneHow npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyoneDaniel Sauble
 
Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18DataconomyGmbH
 
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLXDN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLXDataconomy Media
 
Samsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of PythonSamsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of PythonInsuk (Chris) Cho
 
Agile Secure Development
Agile Secure DevelopmentAgile Secure Development
Agile Secure DevelopmentBosnia Agile
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuNixu Corporation
 
OpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design SolutionsOpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design SolutionsShane Gibson
 
praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).akashganathay
 
Anurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStackAnurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStackShapeBlue
 
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...NECST Lab @ Politecnico di Milano
 

Similar to IEEE-CSR-DS4CS-Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks.pdf (20)

Resume
ResumeResume
Resume
 
Microcontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en CMicrocontroladores: programación de microcontroladores PIC de 8 bits en C
Microcontroladores: programación de microcontroladores PIC de 8 bits en C
 
PyConPL 2017 - with python: security
PyConPL 2017 - with python: securityPyConPL 2017 - with python: security
PyConPL 2017 - with python: security
 
Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018Technical debt in machine learning - Data Natives Berlin 2018
Technical debt in machine learning - Data Natives Berlin 2018
 
Software engineering project(srs)!!
Software engineering project(srs)!!Software engineering project(srs)!!
Software engineering project(srs)!!
 
Kallio Chipster Bosc2009
Kallio Chipster Bosc2009Kallio Chipster Bosc2009
Kallio Chipster Bosc2009
 
Agile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian SussmannAgile project management in IT - Sebastian Sussmann
Agile project management in IT - Sebastian Sussmann
 
How npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyoneHow npm is making JavaScript safe for everyone
How npm is making JavaScript safe for everyone
 
Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18Technical debt in ML | Jaroslaw Szymczak | DN18
Technical debt in ML | Jaroslaw Szymczak | DN18
 
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLXDN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
DN18 | Technical Debt in Machine Learning | Jaroslaw Szymczak | OLX
 
202212APSEC.pptx.pdf
202212APSEC.pptx.pdf202212APSEC.pptx.pdf
202212APSEC.pptx.pdf
 
Samsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of PythonSamsung SDS OpeniT - The possibility of Python
Samsung SDS OpeniT - The possibility of Python
 
Agile Secure Development
Agile Secure DevelopmentAgile Secure Development
Agile Secure Development
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
 
OpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design SolutionsOpenStack Control Plane Architectures - Design Solutions
OpenStack Control Plane Architectures - Design Solutions
 
Se research update
Se research updateSe research update
Se research update
 
cv-2016-23
cv-2016-23cv-2016-23
cv-2016-23
 
praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).praveen projectdocx mini.2 (1).
praveen projectdocx mini.2 (1).
 
Anurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStackAnurag Awasthi - Machine Learning applications for CloudStack
Anurag Awasthi - Machine Learning applications for CloudStack
 
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
System Security @ NECSTLab and Breaking the Laws of Robotics: Attacking Indus...
 

Recently uploaded

OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfakankshagupta7348026
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...NETWAYS
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...NETWAYS
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptssuser319dad
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfhenrik385807
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxBasil Achie
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesPooja Nehwal
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxFamilyWorshipCenterD
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 

Recently uploaded (20)

OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdf
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.ppt
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Sarojini Nagar Market Delhi 💯 Call Us 🔝8264348440🔝
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 

IEEE-CSR-DS4CS-Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks.pdf

  • 1. Reviewing BPMN as a Modeling Notation for CACAO Security Playbooks Authors: Mateusz Zych, Vasileios Mavroeidis, Konstantinos Fysarakis, Manos Athanatos Cyentific AS Projects supported this research:
  • 2. Ph.D. Research Fellow Mateusz Zych Cyentific AS Present Status of Cybersecurity ● Increasing and more sophisticated cyber attacks ● Asynchronous time advantage between adversaries and defenders ● Defenders must prepare, coordinate, automate, document and share their response methodologies ● EU: NIS Legislation (Network and Information Security) ● Collaborative Automated Course of Action Operations (CACAO) 2 of 13
  • 3. Ph.D. Research Fellow Mateusz Zych Cyentific AS Collaborative Automated Course of Action Operations (CACAO) ● Schema and taxonomy for cybersecurity playbooks ● Machine-readable ● Vendor-agnostic ● Maintained by the OASIS CACAO TC ● Early adoption 3 of 13
  • 4. Ph.D. Research Fellow Mateusz Zych Cyentific AS Problem Statement/The Need ● CACAO: ○ New OASIS standard (upcoming) ○ Early adoption ○ No tools ○ No modeling notation ○ Challenging to work with 4 of 13
  • 5. Ph.D. Research Fellow Mateusz Zych Cyentific AS Our Aim ● Examine the use of BPMN modeling notation as a candidate to graphically represent CACAO playbooks ● Provide a high-level construct mapping between CACAO and BPMN. 5 of 13
  • 6. Ph.D. Research Fellow Mateusz Zych Cyentific AS Business Process Model Notation (BPMN) ● Maintained by Object Management Group (OMG) ● Published in 2011, ISO/IEC 19510 since 2013 ● Mature ● Support different levels of abstraction ● Rich set of graphical elements ● Wide range of tools and platforms. ● Also used for cybersecurity purposes 6 of 13
  • 7. Ph.D. Research Fellow Mateusz Zych Cyentific AS 7 of 13 CACAO-BPMN Mapping
  • 8. Ph.D. Research Fellow Mateusz Zych Cyentific AS Use case 8 of 13 Template playbook in any format CACAO JSON BPMN Visualization Create Translate
  • 9. Ph.D. Research Fellow Mateusz Zych Cyentific AS Use Case: Vulnerability Response Process (CISA) 9 of 13 CISA template playbook CACAO JSON BPMN (+ BPMN XML) https://github.com/cyentific-rni/bpmn-cacao
  • 10. Ph.D. Research Fellow Mateusz Zych Cyentific AS Limitations ● Troublesome 1-1 mapping, however attainable ● Some CACAO construct can be modeled in several ways in BPMN ● BPMN Sub-Processes solves few problems but introduces complexity ● User need to be restricted to utilize 1-1 translator 10 of 13
  • 11. Ph.D. Research Fellow Mateusz Zych Cyentific AS Further Work ● One-to-one mapping (in progress) ● BPMN extensions to support all metadata (finishing) ● Translator: CACAO->BPMN and BPMN->CACAO ○ Lossless conversion 11 of 13
  • 12. Ph.D. Research Fellow Mateusz Zych Cyentific AS Conclusion ● Presented and analyzed the mapping ● Validated the feasibility of using BPMN to graphically represent CACAO ● Great value for defenders ○ Decreased time needed for working and understanding CACAO playbooks. 12 of 13
  • 13. Ph.D. Research Fellow Mateusz Zych Cyentific AS Thank you for your attention Questions? 13 of 13 Get in touch! Linkedin