[saag] CACAO BOF Preview
Joseph Salowey <joe@salowey.net> Thu, 28 March 2019 08:40 UTC
Return-Path: <joe@salowey.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3049F120258 for <saag@ietfa.amsl.com>; Thu, 28 Mar 2019 01:40:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HgX2SYpsyh1I for <saag@ietfa.amsl.com>; Thu, 28 Mar 2019 01:40:48 -0700 (PDT)
Received: from mail-qt1-x82e.google.com (mail-qt1-x82e.google.com [IPv6:2607:f8b0:4864:20::82e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C07DB120243 for <saag@ietf.org>; Thu, 28 Mar 2019 01:40:48 -0700 (PDT)
Received: by mail-qt1-x82e.google.com with SMTP id k2so22149494qtm.1 for <saag@ietf.org>; Thu, 28 Mar 2019 01:40:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=rtwTumcqAO3aebF7gqJfRCkIe9w1257WZa4Ha03+7p8=; b=roukHor80e3uvwgG4MGryjSNNz4m9xdJ2jYkCCCidGxRKYS/VJIi4I8eedhc8xZHH3 nn3PaAv/xR/sI2m6ffYbg4FOZZafvE8whbjlDdjA8Lcqcxi4qmSNCLmXXwUliVrKX+hT o8T4Bw09TIkVtTnkD2bEcujn9Wjl1dyUoTvcb7Cop2zMAgtBBygKfCQ0F+wAwR1UARe8 cmbqOhv9/qT+rkqD2O4UvOsajUfV/AQSR22aVFXFzd24vrU0ZI2GlQTIee/M8yPblAOg MmifTKnrEHZV7irQPUzUyBkrRDatMK+k0W5BLQf/IRUp1fW8OzZfvE5r11Eu2LO5Gr/G M5tA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=rtwTumcqAO3aebF7gqJfRCkIe9w1257WZa4Ha03+7p8=; b=QVPX5jxAh9+6KSE/aXVCOwZclfoZNo4+pFv0fGYoVV6M20RuJuGuEv1/E6WlRjpYnh xauZb61JlfKQKbO1w4IrFAoeq1SlmeBRPTFuYyAEgd0C+3nnUUiBf3/RL6KoHKQcv8sB 22hXd+KBfbcQSfMbwUD1gq7WP9qQiuBLxq8xgAjPmh8N9IPxrivwBTK3ZCHVHFJJ1yRN P0wfsq6fbuS4pWUUgeq95sPD3R5ZhAWKWGjNe83nzxxuxX/ncpDHRBE40pnb9wUhWsOm TKOo4f952eKo9nmwLd+W8V6cyNw/bYGHiiagBM5jWW0jXNveGpwi+E4aIAPBbUpONDRx 8kfg==
X-Gm-Message-State: APjAAAU18MpSPxD2Sp/TarlqY2SfGThhDN/whvXoYzedfdHnc4sYL6My zf6KmlufCgxeSt9bhZzr3Lh3ExV8IaA/TKuMgplyinQTx8pyM2fx
X-Google-Smtp-Source: APXvYqwwbrIKyfHPRaT5UTvIVSGgpEhENoaoIqCY2icqXG1WBLjtToFHd3Kkkk5qXbYuVgEVqVYTlnlYiiv44vdnc30=
X-Received: by 2002:a0c:b785:: with SMTP id l5mr34372151qve.225.1553762447534; Thu, 28 Mar 2019 01:40:47 -0700 (PDT)
MIME-Version: 1.0
From: Joseph Salowey <joe@salowey.net>
Date: Thu, 28 Mar 2019 09:40:36 +0100
Message-ID: <CAOgPGoBKm8AhGq-_190hccPoVVZ+92gOES4OKA1Nz42huqoq3A@mail.gmail.com>
To: saag@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c041a605852382f5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/KAyD-wHw1pzRcxeb57PSjOLm-PM>
Subject: [saag] CACAO BOF Preview
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2019 08:40:51 -0000
The CACO BOF will be meeting on Friday morning. Operational security teams create run books to define courses of action (COA) to remediate and mitigate specific threats. Today these COA are specific to an organization and are not easily shared for collaboration between organizations. In addition, the COA process is largely manual which makes them slow to apply and difficult to track their results and effectiveness. The CACAO BOF proposes to develop a machine processable format for defining a high level course of action so it can be shared and collaborated on between organizations. The ultimate goal is to allow for automation of parts or all of the course of action by defining protocols to allow for collaboration on the COA and by interfacing with existing protocols to take the necessary actions. Please join us in Berlin/Brussels from 9:00 - 10:30 on Friday morning.
- [saag] CACAO BOF Preview Joseph Salowey