September 28, 2023

OpenC2 Presentation at SecOps24.

TC member Vasileios Mavroeidis will be presenting on OpenC2 at the SecOps2024 International Exercise & Conference on Security Operations. This event takes place February 15, 2024 in Budapest, Hungary.

Title: Do away with siloed cybersecurity operations and customized integrations.

Description: As the number of vulnerable channels continues to grow, there is also an increase in the deployment of security solutions. This highlights the importance of interconnecting an organization’s cybersecurity solutions to ensure ongoing and effective threat management. However, integrations are costly to develop and maintain and heavily rely on proprietary communication interfaces that require reconfiguring parts or the entire defense ecosystem of the organization when tools are introduced or replaced or when there are updates to the APIs utilized. This presentation will discuss OASIS Open Command and Control (OpenC2), a standardized machine-to-machine language for the command and control of cyber defense technologies, allowing them to interoperate without needing customized integrations.

May 24, 2023

OpenC2 Participating in Cybersecurity Automation Village.

OpenC2 TC member organizations will be participating in the 13 June 2023 Cybersecurity Automation Village. The Village, sponsored by the Open Cybersecurity Alliance CASP subproject, is for sharing information, prototyping, testing, and specifying interoperability among cybersecurity automation technologies.

OpenC2 members will participate in use cases involving the Kestrel Threat Hunting Language and CACAO-based automation.

April 19, 2023

Information Modeling with JADN Version 1.0 Published as OASIS Committee Note.

OASIS has published Committee Note 01 of Information Modeling with JADN v1.0. This CN, a companion to the JADN Specification, was approved for publication by the OpenC2 TC. The CN describes the value and use of Information Models (IMs), contains explanations of the JADN language, explains how to construct IMs using JADN with examples, and contrasts IMs with other modeling approaches, such as Entity-Relationship models for databases, and knowledge models / ontologies.

February 17, 2023

Information Modeling with JADN Committee Note Draft 01 published by OASIS.

OASIS has published Committee Note Draft (CND) 01 of Information Modeling with JADN v1.0. This CND, a companion to the JADN Specification, was approved for publication by the OpenC2 TC, and describes the use of IMs, explains how to construct IMs using JADN, and contrasts IMs with other modeling approaches, such as Entity-Relationship models for databases, and knowledge models / ontologies. Development of this CN is on-going.

January 26, 2023

OpenC2 TC Member Vasileios Mavroeidis Named OASIS Distinguished Contributor.

Dr. Vasileios Mavroeidis was named an 2022 OASIS Distinguished Contributor. Dr. Mavroeidis specializes in the domains of automation and cyber threat intelligence representation, reasoning, and sharing, and is an active participant in multiple OASIS TCs. Distinguished Contributors are individuals recognized for their significant impact on the open source and open standards communities.

December 31, 2022

(Paper) The Role of OASIS OpenC2 in Cybersecurity Automation and Orchestration.

A paper by TC Member Dr. Vasileios Mavroeidis that presents a concise summary of the “why” (motivation) for OpenC2. This article (author’s version) documents a thematic talk under “Increased Automation for Detection, Prevention and Mitigation Measures” given at “The 2nd ECSCI Workshop on Critical Infrastructure Protection” in April 2022.

November 16, 2022

OASIS Publishes CSD01 of the OpenC2 Language Specification, v2.0.

The Language Specification is the foundation document defining the OpenC2 language. The TC has determined to advance the Language Specification to Version 2.0 to address changes identified since the November 2019 publication of v1.0, CSD02, including a small number of breaking changes. CSD01 is the initial publication of the in-development v.0 specification.

September 30, 2022

Open Command and Control (OpenC2) Architecture v1.0 approved as an OASIS Committee Specification.

The Architecture Specification is an overarching document that describes the concepts and organization of OpenC2, and provides a blueprint for developing Actuator Profiles and Transfer Specifications. It also describes the abstract architecture of OpenC2 to define a common understanding of the messages and interactions for all bindings and serializations.

June 3, 2022

OASIS Publishes CSD01 of the OpenC2 Architecture Specification, v1.0.

The Architecture Specification is an overarching document that describes the concepts and organization of OpenC2, and provides a blueprint for developing Actuator Profiles and Transfer Specifications.

June 2, 2022

OpenC2 Participates in Cybersecurity Automation Workshop (CAW).

Cybersecurity Automation Workshops are a series of events to prototype and test interoperability among cybersecurity automation technologies. OpenC2 participated in the latest CAW event, which also explored related cybersecurity technologies including Software Bill of Materials (SBOM), and security Posture Attribute Collection & Evaluation (PACE).

April 28, 2022

Presentation on the Role of OpenC2 in Cybersecurity Automation.

Dr. Vasileios Mavroeidis, a member of the OpenC2 TC, gave a talk on “the role of OpenC2 in cybersecurity automation” at the 2nd ECSCI Workshop on Critical Infrastructure Protection, organized by the European Cluster for Securing Critical Infrastructures (ECSCI).

April 12, 2022

The Science of SOAR on security podcast.

Dr. Vasileios Mavroeidis, a member of the OpenC2 TC, was a guest on the mnemonic security podcast, to discuss “The Science of SOAR”.

January 19, 2022

OpenC2 TC Co-Chair named OASIS Distinguished Contributor.

Duncan Sparrell, a co-chair of the OpenC2 TC, was named an OASIS Distinguished Contributor.

December 3, 2021

OASIS Publishes CS01 of the OpenC2 HTTPS Transfer Specification, v1.1.

HTTP over TLS is a widely deployed transfer protocol that provides authenticated, ordered, lossless delivery of uniquely-identified messages. This document specifies the use of HTTP over TLS as a transfer mechanism for OpenC2 Messages. This specification replaces the July 2019 v.10 CS01, and incorporates changes to OpenC2 message formatting and other lessons learned through interoperability testing. A Testing conformance target is provided to support interoperability testing without security mechanisms.

December 1, 2021

OASIS Publishes CS01 of the OpenC2 MQTT Transfer Specification, v1.0.

OpenC2 transfer specifications describe how to use standard protocols to transfer OpenC2 messages. The MQTT Transfer Specification describes how to use MQTT v5.0 in support of OpenC2 messaging.

October 13, 2021

OASIS Announces Public Review of the HTTPS Transfer Specification, v1.1.

OpenC2 transfer specifications describe how to use standard protocols to transfer OpenC2 messages. The HTTPS Transfer Specification describes how to use HTTP and TLS in support of OpenC2 messaging. The v1.1 update incorporates an updated OpenC2 message format and the option for a testing mode without TLS, the addition of a well-known path for POSTing OpenC2 commands, and other minor changes and corrections.

August 30, 2021

OASIS Publishes CSD01 of the OpenC2 Language Specification, v1.1.

The Language Specification is the foundation document defining the OpenC2 language. Version 1.1 of the Language Specification will address changes identified since the November 2019 publication of v1.0, CSD02.

August 30, 2021

OASIS Announces Public Review of the MQTT Transfer Specification, v1.0.

OpenC2 transfer specifications describe how to use standard protocols to transfer OpenC2 messages. The MQTT Transfer Specification describes how to use MQTT v5.0 in support of OpenC2 messaging.

August 24, 2021

OASIS Publishes CS01 of the JSON Abstract Data Notation (JADN) Specification, v1.0.

JSON Abstract Data Notation (JADN) is a UML-based information modeling language that defines data structure independently of data format. Information models are used to define and generate physical data models, validate information instances, and enable lossless translation across data formats. A JADN specification consists of two parts: type definitions that comprise the information model, and serialization rules that define how information instances are represented as data.

August 17, 2021

OASIS Publishes CSD01 of the Actuator Profile for Packet Filtering, v1.0.

The Packet Filtering AP will combine stateless and stateful packet filtering under a single AP, and make provisions for use in cloud environments.

June 24, 2021

STIX, OpenC2, CACAO Playbooks - Cybersecurity Standards Working Together To Tackle Recent String of High-Profile Hacks (video).

Michael Rosa (NSA) explores OpenC2 applications (at approximately the twenty-six minute mark) in a Borderless Cyber panel on how standards could help with the recent attacks.

June 24, 2021

STIX, OpenC2, CACAO Playbooks - Future Challenges and Directions for Security Automation and Orchestration (video).

Neal Ziring, Technical Director, National Security Agency delivers the keynote address for the Borderless Cyber 2021, in which he discusses the importance of OpenC2 in evolving cybersecurity challenges.

June 22, 2021

OpenC2 Plugfest.

A successful OpenC2 Plugfest was held in conjunction with Borderless Cyber 2021.

February 10, 2021

Sharing & Exchanging SBOMs (paper)..

The NTIA Software Transparency Multistakeholder Group is producing documentation on how improve software supply chain, particularly on the value om Software Bill of Materials (SBOM). The “Sharing & Exchanging SBOMs” paper includes OpenC2 as one of the mechanisms.

January 12, 2021

OASIS publishes CACAO Playbook Committee Specification including OpenC2 in playbooks.

The OASIS CACAO TC published CACAO Security Playbooks Version 1.0, Committee Specification 01. This security playbook specification on collaborative automated course of action operations (CACAO) includes how to specify security actions using OpenC2.

December 8, 2020

Cybersecurity Automation (video).

“Cybersecurity Automation” was presented at the ITU Kaleidoscope Academic Conference, including openC2’s role in cybersecurity automation. (video - click on word “English”)

December 8, 2020

Demonstrating OpenC2 and SOAR (video).

IACD experiment using OpenC2 with a Swimlane orchestrator and Symantec ICDx to respond to malicious software download.

October 28, 2020

Cyber Security Automation Virtual Plugfest / Hackathon.

Information about the October 28, 2020 Plugfest / Hackathon, a mashup of SBOM / OpenC2 / SCAPv2 / IACD / CACAO / OCA / MUD / DBOM virtual Proof-of-Concept (PoC) / plugfest / hackathon.

October 23, 2020

SBOM PoC / OpenC2 Plugfest / Hackathon.

A LinkedIn post by Dan Johnson.

August 18, 2020

A nonproprietary language for the command and control of cyber defenses – OpenC2.

An academic paper by Vasileios Mavroeidis.

July 29, 2020

OpenC2 Orchestration vs the Cyber Kill Chain.

A blog post on Medium by Erich Izdepski.

June 17, 2020

Introducing Collaborative Automated Course of Action Operations (CACAO) - An Emerging Cybersecurity Standard to Quickly Define and Share Playbooks.

A blog post on SecurityIntelligence.com by Stephanie Hazlewood.

May 27, 2020

EclecticIQ Joins Forces with Endpoint Solution Provider PolyLogyx.

A press release on businesswire.com.

March 06, 2020

Making IoT safer with BEAM OTP (video).

A presentation to Code BEAM SF 2020 by Duncan Sparrell (video).

Feb 5, 2020

Through the First OpenC2 Plugfest - Towards Standardization.

A LinkedIn article by Vasileios Mavroeidis.

January 27, 2020

Twenty-eight organizations meet across two days to test interoperability and implement the standard at the inaugural OpenC2 PlugFest.

Information about the January 27-28, 2020 OpenC2 Plugfest / Hackathon sponsored by Dreamport and hosted by UMBC Training.

December 12, 2019

Open Command and Control (OpenC2) Language Specification v1.0 from OpenC2 TC approved as a Committee Specification.

OASIS announcement of the publication of the 24 November 2019 CS02 version of the OpenC2 Language Specification.

December 4, 2019

ITU Kaleidoscope.

Conference proceedings for December 2019 ITU Kaleidoscope (large PDF), includes paper on Cyber-Safety in Healthcare IoT by Duncan Sparrell

November 24, 2019

Open Command and Control (OpenC2) Language Specification Version 1.0 (CS02).

The HTML version of the OpenC2 Language Specification, CS02, which contains minor updates to CS01.

October 8, 2019

Improving IOT Safety using standards to improve IOT Security.

A presentation by Duncan Sparrell at Borderless Cyber in Washington, DC (conference program entry).

September 3, 2019

3 Promising Technologies Making an Impact on Cybersecurity.

A commentary article on DARKReading by Jon Oltsik.

August 7, 2019

A New Window Onto an OpenC2 World.

A report (PDF) from HardenStance.com about the publication of three initial OpenC2 Committee Specifications.

August 5, 2019

Three Committee Specifications approved by Open Command and Control (OpenC2) TC.

The official OASIS publication announcement for the three initial OpenC2 Committee Specifications (CS01 versions).

July 11, 2019

Open Command and Control (OpenC2) Language Specification Version 1.0.

The HTML version of the OpenC2 Language Specification, CS01.

July 11, 2019

Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0.

The HTML version of the Stateless Packet Filtering actuator profile, CS01.

July 11, 2019

Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0 (CS01).

The HTML version of the HTTPS Transfer Specification, CS01.

May 01, 2019

5 threat detection and response technologies are coming together.

A Cybersecurity Snippets article by Jon Oltsik at CSO Online.

April 2, 2019

OpenC2 can accelerate security operations, automation, and orchestration.

A Cybersecurity Snippets article by Jon Oltsik at CSO Online.

April 2, 2019

OpenC2 can accelerate security operations, automation, and orchestration.

A Cybersecurity Snippets article by Jon Oltsik at CSO Online.

November 12, 2018

Busting Cybersecurity Silos.

An article by Sridhar Muppidi at SecurityIntelligence.com.

October 24, 2018

Duncan Sparrell interview with Ed Amoroso of TAG Cyber.

Duncan Sparrell, Chief Cyber Curmudgeon at S-Fractal Consulting, chats about his long career at AT&T, current projects, and trends in cyber security (YouTube video).

September 6, 2018

Response at Cyberspeed to Attack.

IoTsm “Response at Cyberspeed to Attack” Proceedings of the International Conference on Industrial Internet of Things and Smart Manufacturing

March 15, 2018

Let it Be Hacked - Code Beam SF 2018.

Presentation by Duncan Sparrell at Code Beam SF 2018 (video).

November 18, 2017

Cybersecurity, Erlang, & Opensource Combine in OpenC2.

Cybersecurity, Erlang, & Opensource Combine in OpenC2

October 19, 2017

Responding to Cyber Attacks at Machine Speed.

Presentation by Duncan Sparrell at Rochester Security Summit 2017 (Prezi).

September 5, 2017

International Community Comes Together at OASIS to Advance OpenC2 Standard for Automated Defense Against Cyber-Attacks.

OASIS press release about the work of the OpenC2 Technical Committee.

June 14, 2017

NSA's new open language for cyber-defenses will aid interoperability.

Article about OpenC2 and the formation of the OASIS OpenC2 TC by Shaun Waterman on cyberscoop.com.

June 7, 2017

Formation meeting for OASIS OpenC2 Technical Committee..

Public link to meeting minutes for the formation meeting.

April 10, 2017

OpenC2 Forum Transitions to OASIS OpenC2 TC.

OASIS Call For Participation in the newly-forming OpenC2 Technical Committee.

March 23, 2017

Responding to Cyber Attack at Machine Speed.

Presentation by Duncan Sparrell at Erlang & Elixir Factory SF 2017 (YouTube video).