OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

openc2-actuator message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [openc2-actuator] Broadcom ICDX wrt actuator profiles

I was more referring to the links of  ICDX documentation than to how to run the demo.

 

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

 

 

From: Dave Lemire <dave.lemire@g2-inc.com>
Date: Wednesday, February 12, 2020 at 9:30 AM
To: "duncan@sfractal.com" <duncan@sfractal.com>, "oasis.oc2.apsc" <openc2-actuator@lists.oasis-open.org>
Subject: Re: [openc2-actuator] Broadcom ICDX wrt actuator profiles

 

Responding to task (1):  The links were in a comprehensive email that Brian Berliner sent to the plugfest mail list on 23 January, subj: Symantec ICDx OpenC2 Lab availability for PlugFest.

 

I see a link for submitting commands:

 

 

And a URL to confirm that a quarantine has succeeded:  And, finally, to verify that your device has actually been Quarantined, I created a Web Server on the Windows Lab server I built, which becomes inaccessible when the device has been quarantined. You can test it with a simple command to the device itself (or just use "ping"):

 

curl --request GET 'http://35.199.17.141'

 

 

Brian also attached a Postman Collection and Environment that you can use directly by importing into the Postman tool (https://www.getpostman.com/), if you like.  

 

To use any of these, you have to email Brian to get an individual API Key.

 

Dave

 

David Lemire, CISSP

Systems Engineer

HII Mission Driven Innovative Solutions (HII-MDIS) â formerly G2, Inc.

Technical Solutions Division

302 Sentinel Drive | Annapolis Junction, MD 20701

Email: dave.lemire@g2-inc.com

Work: 301-575-5190 | Mobile: 240-938-9350

 

 

On Wed, Feb 12, 2020 at 9:18 AM duncan sfractal.com <duncan@sfractal.com> wrote:

Although they could not attend the plugfest, Broadcom contributed a working ICDX to the plugfest. One of the many items on my to-do list is to go thru the ICDX documentation with a view to defining actuator profiles. I suspect there are actuators in their documentation for which we do not yet have OASIS actuator profiles. I doubt Iâll have the time to ever get to this item so Iâm soliciting help from anyone else in the AP-SC who might want to help. Iâd include a link but unfortunately the two Broadcom links on https://github.com/oasis-tcs/openc2-usecases/blob/master/Cybercom-Plugfest/Plugfest-Outcomes.md are not yet filled out. The links to the ICDX info is in the email archives somewhere. Any help would be appreciated. Ie (1) find the links (2) fillin the plugfest outcomes at least with the links, and (3) review the ICDX documentation in the links with the view of comparing to existing OASIS actuator profiles and highlighting where we could start some new profile work based on the work Broadcom has already done.

 

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]