This is a cybersecurity automation mashup of meetups combining a plugfest with a hackathon with a proof-of-concept. It is also a mashup of the efforts of OpenC2, SBOM, IACD, SCAPv2, OCA, CACAO, ... combining all these concepts to demonstrate usecases showing the value of automated defense.

A Plugfest is a meeting where systems and devices are tested for interoperability with emerging standards. If the standards are well-designed and the tested products are standards-compliant, then the products should function as expected when they are plugged together. If not, there might be deficiencies with the standards, with the implementations, or both. To organize a Plugfest is the best way to find out.

A hackathon is an event collaborate intensively on software projects. The goal of a hackathon is to create functioning software by the end of the event.

A Proof of concept demonstrates that a design concept is feasible.

OpenC2 is a standardized language for the command and control of technologies that provide or support cyber defenses. By providing a common language for machine-to-machine communication, OpenC2 is vendor and application agnostic, enabling interoperability across a range of cyber security tools and applications. The use of standardized interfaces and protocols enables interoperability of different tools, regardless of the vendor that developed them, the programming language they are written in or the function they are designed to fulfill. OpenC2 has an initial suite of specifications written and we are at the point where we are applying it to real world use cases on real cyber security products.

A Software Bill of Materials (SBOM) is a formal record containing the details andsupply chain relationships of various components used in building software.

Integrated Adaptive Cyber Defense (IACD) is accelerating the speed and scale of cyberdefense through automation, orchestration, and information sharing. IACD defines a strategy and framework to adopt an extensible, adaptive, commercial off-the-shelf (COTS)-based approach. Our goal is to dramatically change the timeline and effectiveness of cyber defense via integration, automation, orchestration and sharing of machine-readable cyber threat information.

The Open Cybersecurity Alliance (OCA) is an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, OCA is simplifying integration across the threat lifecycle.

Version 2 of the Security Content Automation Protocol (SCAPv2) is a major update to the SCAP 1.x publications. SCAP v2 covers a broader scope in an attempt to further improve enterprise security through standardization and automation.

Collaborative Automated Course of Action Operations (CACAO) defines the schema and taxonomy for cybersecurity playbooks and how cybersecurity playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.

More information on the plugfest/hackathon/poc can be found here. The agenda can be found here,

Please register as "attendee" if you only intend to listen to the talks and watch what is going on. Please register as "participant" if intend to participate in the breakout sessions.