- Type: Task
- Status: Closed
- Priority: Major
- Resolution: Fixed
- Component/s: Registration / Template Request
- Labels: None
- Environment:
OpenC2
Submitted on Tuesday, December 1, 2020 - 15:02
Submitted by user:
Submitted values are:
Your name: David Lemire
TC name: Open Command and Control (OpenC2)
TC email address: openC2@lists.oasis-open.org
Work product title and version number: OpenC2 Actuator Profile for Endpoint
Detection and Response
Work product abbreviation: ap-edr
Track: Standards Track Work Product
Abstract:
Open Command and Control (OpenC2) is a concise and extensible language to
enable the command and control of cyber defense components, subsystems and/or
systems in a manner that is agnostic of the underlying products, technologies,
transport mechanisms or other aspects of the implementation. Endpoint
detection and response technologies provide a means for continuous monitoring
and analysis to more readily identify, detect, and prevent advanced threats.
This OpenC2 Actuator Profile defines the Actions, Targets, Specifiers and
Options that are consistent with the version 1.0 of the OpenC2 Language
Specification ([OpenC2-Lang-v1.0]) in the context of command and control of
various endpoint detection and response technologies.
Format: Please describe in Notes section
Chair(s):
Joe Brule, jmbrule@radium.ncsc.mil, National Security Agency
Duncan Sparrell, duncan@sfractal.com, sFractal Consulting
Editor(s):
Vasileios Mavroeidis, vasileim@ifi.uio.no, University of Oslo
Martin Evandt, martifev@ifi.uio.no, University of Oslo
Namespace(s):
Notes: Request this starter document in markdown format. There will be a
companion request for a GitHub repository to host this work product.
The results of this submission may be viewed at:
http://tools.oasis-open.org/issues/browse/TCADMIN