OASIS Announces Public Review of the MQTT Transfer Specification, v1.0.
OpenC2 transfer specifications describe how to use standard protocols to transfer OpenC2 messages.
The MQTT Transfer Specification describes how to use
MQTT v5.0 in support of OpenC2 messaging.
OASIS Publishes CSD01 of the OpenC2 Language Specification, v1.1.
The Language Specification is the foundation document defining the OpenC2 language.
Version 1.1 of the Language Specification will address changes identified since the
November 2019 publication of v1.0, CSD02.
OASIS Publishes CS01 of the JSON Abstract Data Notation (JADN) Specification, v1.0.
JSON Abstract Data Notation (JADN) is a UML-based information modeling language that defines data structure
independently of data format. Information models are used to define and generate physical data models,
validate information instances, and enable lossless translation across data formats. A JADN specification
consists of two parts: type definitions that comprise the information model, and serialization rules that
define how information instances are represented as data.
OASIS Publishes CSD01 of the Actuator Profile for Packet Filtering, v1.0.
The Packet Filtering AP will combine stateless and stateful packet filtering
under a single AP, and make provisions for use in cloud environments.
Future Challenges and Directions for Security Automation and Orchestration (video).
Neal Ziring, Technical Director, National Security Agency delivers the keynote address
for the Borderless Cyber 2021, in which he discusses the importance of OpenC2 in evolving cybersecurity challenges.
STIX, OpenC2, CACAO Playbooks: Cybersecurity Standards Working Together To Tackle Recent String of High-Profile Hacks (video).
Michael Rosa (NSA) explores OpenC2 applications (at approximately the
twenty-six minute
mark) in a Borderless Cyber panel
on how standards could help with the recent attacks.
A successful OpenC2 Plugfest was held in conjunction with Borderless Cyber 2021.
Sharing & Exchanging SBOMs (paper).
The NTIA Software Transparency Multistakeholder Group is producing documentation
on how improve software supply chain, particularly on the value om
Software Bill of Materials (SBOM).
The "Sharing & Exchanging SBOMs" paper includes OpenC2 as one of the mechanisms.
Demonstrating OpenC2 and SOAR (video)
IACD
experiment using OpenC2 with a
Swimlane
orchestrator and
Symantec ICDx
to respond to malicious software download.
"Cybersecurity Automation" (video - click on word "English")
was presented at the ITU Kaleidoscope Academic Conference,
including openC2's role in cybersecurity automation
Cyber Security Automation Virtual Plugfest / Hackathon
Information about the October 28, 2020 Plugfest / Hackathon,
a mashup of SBOM / OpenC2 / SCAPv2 / IACD / CACAO / OCA / MUD / DBOM
virtual Proof-of-Concept(PoC) / plugfest / hackathon.
SBOM PoC / OpenC2 Plugfest / Hackathon.
A LinkedIn post by Dan Johnson.
A nonproprietary language for the command and control of cyber defenses – OpenC2
An academic paper by Vasileios Mavroeidis.
OpenC2 Orchestration vs the Cyber Kill Chain.
A blog post on Medium by Erich Izdepski.
Making IoT safer with BEAM OTP
A presentation to Code BEAM SF 2020 by Duncan Sparrell (video).
Introducing Collaborative Automated Course of Action Operations (CACAO): An Emerging Cybersecurity Standard to Quickly Define and Share Playbooks
A blog post on SecuityIntelligence.com by Stephanie Hazlewood.
EclecticIQ Joins Forces with Endpoint Solution Provider PolyLogyx
A press release on businesswire.com.
Through the First OpenC2 Plugfest - Towards Standardization
A LinkedIn article by Vasileios Mavroeidis
Twenty-eight organizations meet across two days to test interoperability and implement the standard at the inaugural OpenC2 PlugFest
Information about the January 27-28, 2020 OpenC2 Plugfest / Hackathon sponsored by Dreamport and hosted by UMBC Training.
Open Command and Control (OpenC2) Language Specification v1.0 from OpenC2 TC approved as a Committee Specification
OASIS announcement of the publication of the 24 November 2019 CS02 version of the OpenC2 Language Specification.
ITU Kaleidoscope
Conference proceedings for December 2019 ITU Kaleidoscope (large PDF), includes paper on Cyber-Safety in Healthcare IoT by Duncan Sparrell
Open Command and Control (OpenC2) Language Specification Version 1.0 (CS02)
The HTML version of the OpenC2 Language Specification, CS02.
Improving IOT Safety using standards to improve IOT Security
A presentation by Duncan Sparrell at Borderless Cyber in Washington, DC (conference program entry).
Guidebook Session
3 Promising Technologies Making an Impact on Cybersecurity
A commentary article on DARKReading by Jon Oltsik.
A New Window Onto an OpenC2 World
A report (PDF) from HardenStance.com about the publication of three initial OpenC2 Committee Specifications.
Three Committee Specifications approved by Open Command and Control (OpenC2) TC
The official OASIS publication announcement for the three inital OpenC2 Committee Specifications (CS01 versions).
Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0 (CS01)
The HTML version of the HTTPS Transfer Specification, CS01.
Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0 (CS01)
Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0
The HTML version of the Stateless Packet Filtering actuator profile, CS01.
Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0 (CS01)
Open Command and Control (OpenC2) Language Specification Version 1.0
The HTML version of the OpenC2 Language Specification, CS01.
5 threat detection and response technologies are coming together
A Cybersecurity Snippets article by Jon Oltsik at CSO Online.
OpenC2 can accelerate security operations, automation, and orchestration
A Cybersecurity Snippets article by Jon Oltsik at CSO Online.
Security operations activities to watch in 2019
A Cybersecurity Snippets article by Jon Oltsik at CSO Online.
Busting Cybersecurity Silos
An article by Sridhar Muppidi at SecurityIntelligence.com.
Duncan Sparrell interview with Ed Amoroso of TAG Cyber
Duncan Sparrell, Chief Cyber Curmudgeon at S-Fractal Consulting,
chats about his long career at AT&T, current projects, and trends
in cyber security (YouTube video).
IoTsm "Response at Cyberspeed to Attack" Proceedings of the International Conference on Industrial Internet of Things and Smart Manufacturing
Let it Be Hacked - Code Beam SF 2018
Presentation by Duncan Sparrell at Code Beam SF 2018 (video).
Cybersecurity, Erlang, & Opensource Combine in OpenC2
Responding to Cyber Attacks at Machine Speed.
Presentation by Duncan Sparrell at Rochester Security Summit 2017 (Prezi).
International Community Comes Together at OASIS to Advance OpenC2 Standard for Automated Defense Against Cyber-Attacks
OASIS press release about the work of the OpenC2 Technical Committee.
NSA's new open language for cyber-defenses will aid interoperability
Article about OpenC2 and the formation of the OASIS OpenC2 TC by Shaun Waterman on cyberscoop.com.
Formation meeting for OASIS OpenC2 Technical Committee.
Public link to meeting minutes for the formation meeting.
OpenC2 Forum Transitions to OASIS OpenC2 TC
OASIS Call For Participation in the newly-forming OpenC2 Technical Committee.
Responding to Cyber Attack at Machine Speed - Duncan Sparrell
Presentation by Duncan Sparrell at Erlang & Elixir Factory SF 2017 (YouTube video).
OpenC2 Forum founded to create OpenC2 language