A Data Modelling Framework to Unify Cyber Security Knowledge
OmnibusCyber
Authors: Dr. Paolo Di Prodi, Dr. Brett Forbes
About Me
Paolo Di Prodi
• PhD in Machine Learning
• Software and Automation Engineer
• Worked for Microsoft and now Fortinet.
• Mostly Data Science in Cyber Security; prior to that, malware reversing.
Problem we have right now!
External: Threat Intelligence Exchange
Internal: Any cyber data
The Sheriff of data modelling
• Classical drama: buy vs build vs reuse
• Buy is not an option
• Build is usually the option
• How can we avoid typical mistakes?
• Can we provide a basic structure?
• With the ability to extend it to each company?
External Threat Intelligence
• STIX and TAXII are standards developed in an effort to improve the prevention and mitigation of cyber-attacks. STIX states the “what” of threat intelligence, while TAXII defines “how” that information is relayed. Unlike previous methods of sharing, STIX and TAXII are machine-readable and therefore easily automated.
STIX and TAXII
STIX, short for Structured Threat Information eXpression, is a standardized language developed by MITRE and the OASIS Cyber Threat Intelligence (CTI) Technical Committee for describing cyber threat information.
TAXII, short for Trusted Automated eXchange of Intelligence Information, defines how cyber threat information can be shared via services and message exchanges. It is designed specifically to support STIX information.
Tons and Tons of TIPs (around 98 vendors)
Internal use cases
• Sensor Telemetry
• Managed Detection Response
• Incident Response
• SOAR
• XDR
BUY / REUSE / BUILD
Classical build environment setup
Sensor: IPS/IDS/AV/EPP/EDR
Transport: ProtoBuf/JSON/Avro/MQTT
Data Lake: Central or Distributed
Data Marts
Vulnerabilities concepts
CVE, CVSS, EPSS, CVRF, SBOM, VEX, CSAF, MITRE, CAPEC, CWE, CPE
God created silos in the last day
[Diagram: separate IPS, EDR, AV, FIM and ZTN databases, each with its own query interface]
• Each product has its own syntax, taxonomies and ontologies
• Building a federated DB is a big challenge
• I mean, just even look at the SIEM vendor space….
Where are my CVE? What is a vulnerability? What is the context? Where is my OLAP?
Datamarts and ER
[Diagram: Data Lake -> ETL -> TypeDB (Omnibus Cyber)]
Base Schema
• Entity
• Relations
• Rules
• URI
ETL
• External reference
• Loaders
OLAP
• Dimensions
• Fact
• Measure
Meet the elephants: UCO and OCSF
Unified Cyber Ontology (UCO)
• A foundation for standardized information representation across the cyber security domain/ecosystem
• Last version: 0.9.0 on 16 June 2022
• First version: 01.0 on 5 Jan 2017
• Based on:
  • OWL
  • Java 11
• Key stats:
  • 418 Classes
  • 707 Properties
  • 11812 Triples
RDF / Adoption / Focus on Observables
Open Cybersecurity Schema Framework (OCSF)
• The Open Cybersecurity Schema Framework is an open-source project, delivering an extensible framework for developing schemas, along with a vendor-agnostic core security schema. Vendors and other data producers can adopt and extend the schema for their specific domains.
• OCSF is intended to be used by both products and devices which produce log events, analytic systems, and logging systems which retain log events.
• First version: 14 July 2022
• Schema: JSON
Loose inheritance. There is no reference database implementation.
Our advantages
Extensibility
• Base Schema
• Inheritance
Reference implementation
• TypeDB
• Toolbox
ER
• Entity-Relationships
• URI
Sharing
• Native STIX import/export
Why not everything STIX?
What about CWE, CAPEC, ATT&CK?
STIX Databases and Extensions
Section 7.3
• Extension Definition Policy
• JSON schema
Section 11
• Custom Object Extensions
• Deprecated
• A work in progress for now, in cooperation with OASIS
• Is it possible? Yes
Omnibus Design
Schema layers: Base Schema -> Corp Schema -> Prod Schema
• Basic pattern: inherit and extend
• Base Schema contains main concepts:
  • CVE/CVSS/CWE/CAPEC
  • MAEC
  • COCOA
  • ATT&CK, D3FEND, ATT&CK Flow etc.
  • VERIZON/VERIS
• Specialized schema contains business logic:
  • Sensor facts
  • Incident Response Playbooks
Live Demo
[Diagram: IPS/IDS/EDR/AV sensors -> ProtoBuf -> Kafka Bus -> DataLake -> OmnibusCyber ETL]
Example for IPS packet
Inherit and expand
• It’s excellent for additions
• Example here is to derive the CVE entity:
  • Add relation to device object
  • Add relation to volume count
• Simple YAML config
• Specific schema
Sample record (host|timestamp|cve|count):
Hostxyz|2022-01-01T10:00:00|CVE-2022-1234|1000
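The ingestion step for that IPS record, written here as an added example (not OmnibusCyber's own code): it validates each pipe-delimited field before anything reaches the database, renders a TypeQL match/insert against a hypothetical extension of the base schema (a `device` entity and a `cve-detection` relation carrying the volume count, attribute names assumed), and sums volume per CVE the way a data-mart measure would. The schema fragment and the sample records are constructed for the example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed sample records in the slide's pipe-delimited IPS format
# (host|timestamp|cve|count); the second repeats a CVE on another host so the
# per-CVE aggregation below has something to sum.
SAMPLE_RECORDS = [
    "Hostxyz|2022-01-01T10:00:00|CVE-2022-1234|1000",
    "Hostabc|2022-01-01T10:05:00|CVE-2022-1234|250",
    "Hostxyz|2022-01-01T10:07:00|CVE-2021-44228|3",
]

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
HOST_RE = re.compile(r"^[A-Za-z0-9._-]{1,253}$")

# Hypothetical TypeQL extension ("inherit and extend") of a base schema that is
# assumed to already define `cve` with a `cve-id` attribute. Not the project's
# real schema.
EXTENSION_SCHEMA = """
define
  hostname sub attribute, value string;
  volume sub attribute, value long;
  observed-at sub attribute, value datetime;
  device sub entity, owns hostname @key, plays cve-detection:target-device;
  cve plays cve-detection:detected-cve;
  cve-detection sub relation,
    relates target-device, relates detected-cve,
    owns volume, owns observed-at;
"""


@dataclass(frozen=True)
class IpsCveObservation:
    host: str
    observed_at: datetime
    cve_id: str
    volume: int


def parse_ips_record(line: str) -> IpsCveObservation:
    """Parse one host|timestamp|cve|count line.

    Sensor output is untrusted input to the database: every field is checked
    against a strict pattern, so a hostname containing a quote is rejected
    rather than interpolated into a query string."""
    parts = line.strip().split("|")
    if len(parts) != 4:
        raise ValueError(f"expected 4 fields, got {len(parts)}: {line!r}")
    host, ts, cve_id, count = parts
    if not HOST_RE.match(host):
        raise ValueError(f"invalid hostname: {host!r}")
    if not CVE_RE.match(cve_id):
        raise ValueError(f"not a CVE identifier: {cve_id!r}")
    volume = int(count)  # raises ValueError on non-numeric counts
    if volume < 0:
        raise ValueError(f"volume must be non-negative: {volume}")
    return IpsCveObservation(host, datetime.fromisoformat(ts), cve_id, volume)


def is_valid_record(line: str) -> bool:
    """True when the line passes every validation rule above."""
    try:
        parse_ips_record(line)
        return True
    except ValueError:
        return False


def to_typeql(obs: IpsCveObservation) -> str:
    """Match the base-schema CVE and the device, then insert the detection
    relation that carries the volume count and observation time."""
    ts = obs.observed_at.strftime("%Y-%m-%dT%H:%M:%S")
    return (
        "match\n"
        f'  $c isa cve, has cve-id "{obs.cve_id}";\n'
        f'  $d isa device, has hostname "{obs.host}";\n'
        "insert\n"
        "  (detected-cve: $c, target-device: $d) isa cve-detection,\n"
        f"    has volume {obs.volume}, has observed-at {ts};"
    )


def volume_per_cve(lines):
    """Sum volume per CVE across records (an OLAP-style measure).
    Malformed lines are returned separately, never silently dropped."""
    totals = defaultdict(int)
    rejected = []
    for line in lines:
        try:
            obs = parse_ips_record(line)
        except ValueError as exc:
            rejected.append((line, str(exc)))
            continue
        totals[obs.cve_id] += obs.volume
    return dict(totals), rejected


if __name__ == "__main__":
    for record in SAMPLE_RECORDS:
        print(to_typeql(parse_ips_record(record)), end="\n\n")
    print(volume_per_cve(SAMPLE_RECORDS + ['bad"host|2022-01-01T00:00:00|CVE-2022-1234|1']))
```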
Cool benefits: Auto Enrichment
• Each entity could have an authoritative source
• This means auto enrichment in real time if required.
Demo Example
• Let’s enrich the CVE data stream
• Source is the NVD database
• https://youtu.be/R0fyiBZCEyg
Project: https://github.com/priamai/omnicyberdb/tree/experimental
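The enrichment step in outline, as an added example rather than the project's demo code: a constructed JSON document shaped like an NVD CVE API 2.0 response (the `vulnerabilities[].cve.{id, published, metrics.cvssMetricV31[].cvssData}` layout is assumed) is looked up for a CVE id, and the CVSS attributes are attached to the existing base-schema `cve` entity with a TypeQL match/insert (attribute names `published`, `cvss-score`, `cvss-severity`, `cvss-vector` are hypothetical). A CVE the authoritative source has not scored yet is written without a score, never as 0.0.

```python
import json
from datetime import datetime

# Constructed payload in the assumed NVD CVE API 2.0 shape. CVE-2022-1234 carries
# a CVSS v3.1 score; CVE-2099-0001 is a constructed, not-yet-scored entry.
SAMPLE_NVD_RESPONSE = json.dumps({
    "vulnerabilities": [
        {"cve": {
            "id": "CVE-2022-1234",
            "published": "2022-04-05T17:15:08.000",
            "metrics": {"cvssMetricV31": [{
                "source": "nvd@nist.gov",
                "cvssData": {
                    "version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL",
                    "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}]}}},
        {"cve": {"id": "CVE-2099-0001",
                 "published": "2099-01-01T00:00:00.000",
                 "metrics": {}}},
    ]
})


def extract_cvss(cve_record: dict):
    """Return (score, severity, vector) from the CVSS v3.1 metrics, preferring
    the NVD-authored entry when several sources are listed; None if unscored."""
    metrics = cve_record.get("metrics", {}).get("cvssMetricV31", [])
    if not metrics:
        return None
    preferred = next((m for m in metrics if m.get("source") == "nvd@nist.gov"),
                     metrics[0])
    data = preferred["cvssData"]
    return float(data["baseScore"]), data["baseSeverity"], data["vectorString"]


def enrich_cve(cve_id: str, nvd_json: str):
    """Look cve_id up in an NVD response. Returns None when the source has no
    entry; otherwise a dict whose CVSS fields are None when not yet scored."""
    payload = json.loads(nvd_json)
    for item in payload.get("vulnerabilities", []):
        cve = item["cve"]
        if cve["id"] != cve_id:
            continue
        cvss = extract_cvss(cve)
        score, severity, vector = cvss if cvss else (None, None, None)
        return {
            "cve_id": cve_id,
            "published": datetime.fromisoformat(cve["published"]),
            "cvss_score": score,
            "cvss_severity": severity,
            "cvss_vector": vector,
        }
    return None


def enrichment_typeql(enriched: dict) -> str:
    """Attach the enrichment attributes to the already-loaded `cve` entity.
    Only attributes the source actually provided are written."""
    published = enriched["published"].strftime("%Y-%m-%dT%H:%M:%S")
    attrs = [f"has published {published}"]
    if enriched["cvss_score"] is not None:
        attrs += [
            f'has cvss-score {enriched["cvss_score"]}',
            f'has cvss-severity "{enriched["cvss_severity"]}"',
            f'has cvss-vector "{enriched["cvss_vector"]}"',
        ]
    return (
        "match\n"
        f'  $c isa cve, has cve-id "{enriched["cve_id"]}";\n'
        "insert\n"
        "  $c " + ", ".join(attrs) + ";"
    )


if __name__ == "__main__":
    for cve_id in ("CVE-2022-1234", "CVE-2099-0001", "CVE-2000-0001"):
        enriched = enrich_cve(cve_id, SAMPLE_NVD_RESPONSE)
        print(enrichment_typeql(enriched) if enriched else f"{cve_id}: not in source")
```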
TypeDB limitations
Schema
• Dependencies
• Annotations
• Keyword escaping
Scope
• Namespaces
• Versions
• Multiple Inheritance
Data
• Validation
• Array/Vector Type
• Orphan attributes handling
• Upsert!!!
Queries
• Materialized Views?
• More aggregation operators!
Appendix

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 

A Data Modelling Framework to Unify Cyber Security Knowledge

  • 1. A Data Modelling Framework to Unify Cyber Security Knowledge. OmnibusCyber. Authors: Dr. Paolo Di Prodi, Dr. Brett Forbes
  • 2. About Me: Paolo Di Prodi. PhD in Machine Learning. Software and Automation Engineer. Worked for Microsoft and now Fortinet. Mostly Data Science in Cyber Security. Prior to that malware reversing.
  • 3. Problem we have right now! External: Threat Intelligence Exchange. Internal: Any cyber data.
  • 4. The Sheriff of data modelling - Classical drama: buy vs build vs reuse - Buy is not an option - Build is usually the option - How can we avoid typical mistakes? - Can we provide a basic structure? - With the ability to extend to each company?
  • 5. External Threat Intelligence - STIX and TAXII are standards developed in an effort to improve the prevention and mitigation of cyber-attacks. STIX states the “what” of threat intelligence, while TAXII defines “how” that information is relayed. Unlike previous methods of sharing, STIX and TAXII are machine-readable and therefore easily automated.
  • 6. STIX and TAXII - STIX, short for Structured Threat Information eXpression, is a standardized language developed by MITRE and the OASIS Cyber Threat Intelligence (CTI) Technical Committee for describing cyber threat information. TAXII, short for Trusted Automated eXchange of Intelligence Information, defines how cyber threat information can be shared via services and message exchanges. It is designed specifically to support STIX information.
  • 7. Tons and Tons of TIPs (around 98 vendors)
  • 8. Internal use cases - Sensor Telemetry - Managed Detection Response - Incident Response - SOAR - XDR. Options: BUY, REUSE, BUILD
  • 9. Classical build environment setup: Sensor (IPS/IDS/AV/EPP/EDR) -> Transport (ProtoBuf/JSON/Avro/MQTT) -> Data Lake (Central or Distributed) -> Data Marts
  • 10. Vulnerabilities concepts: CVE, CVSS, EPSS, CVRF, SBOM, VEX, CSAF, MITRE CAPEC, CWE, CPE
  • 11. God created silos in the last day: IPS DB (Query), EDR DB, AV DB (Query), FIM DB (Query), ZTN DB (Query) - Each product has its own syntax, taxonomies and ontologies - Building a federated DB is a big challenge - I mean just even look at the SIEM vendor space... Where are my CVEs? What is a vulnerability? What is the context? Where is my OLAP?
  • 13. Omnibus Cyber: Data Lake -> ETL -> TypeDB. Base Schema: Entity, Relations, Rules, URI. ETL: External reference, Loaders. OLAP: Dimensions, Fact, Measure
  • 14. Meet the elephants: UCO and OCSF
  • 15. Unified Cyber Ontology (UCO) - A foundation for standardized information representation across the cyber security domain/ecosystem - Last version: 0.9.0 on 16 June 2022 - First version: 01.0 on 5 Jan 2017 - Based on: OWL, Java 11 - Key stats: 418 Classes, 707 Properties, 11812 Triples. RDF. Adoption. Focus on Observables
  • 16. Open Cybersecurity Schema Framework (OCSF) - The Open Cybersecurity Schema Framework is an open-source project, delivering an extensible framework for developing schemas, along with a vendor-agnostic core security schema. Vendors and other data producers can adopt and extend the schema for their specific domains. - OCSF is intended to be used by both products and devices which produce log events, analytic systems, and logging systems which retain log events. - First Version: 14 July 2022 - Schema: JSON. Loose inheritance. There is no reference database implementation.
  • 17. Our advantages: Extensibility (Base Schema, Inheritance); Reference implementation (TypeDB, Toolbox); ER (Entity-Relationships, URI); Sharing (Native STIX import/export)
  • 18. Why not everything STIX? What about CWE, CAPEC, ATT&CK?
  • 19. STIX Databases and Extensions: Section 7.3 (Extension Definition Policy, JSON schema); Section 11 (Custom Object Extensions, Deprecated) - A work in progress for now in cooperation with OASIS - Is it possible? Yes
  • 20. Omnibus Design: Prod Schema -> Corp Schema -> Base Schema - Basic pattern: inherit and extend - Base Schema contains main concepts: CVE/CVSS/CWE/CAPEC; MAEC; COCOA; ATT&CK, DEFEND, ATT&CK Flow etc.; VERIZON/VERIS - Specialized schema contains business logic: Sensor facts; Incident Response Playbooks
  • 21. Live Demo: IPS/IDS/EDR/AV -> ProtoBuf -> Kafka Bus -> ProtoBuf -> DataLake -> ProtoBuf -> OmnibusCyber ETL
  • 22. Example for IPS packet - Inherit and expand: it's excellent for additions - Example here is to derive a CVE entity: add relation to device object; add relation to volume count - Simple YAML config - Specific schema - Sample record: Hostxyz|2022-01-01T10:00:00|CVE-2022-1234|1000
  • 23. Cool benefits - Auto Enrichment: each entity could have an authoritative source; this means auto enrichment in real time if required - Demo Example: let's enrich the CVE data stream; source is the NVD database; https://youtu.be/R0fyiBZCEyg - Project: https://github.com/priamai/omnicyberdb/tree/experimental
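As an added example (not the project's own loader), a small Python ETL step in the spirit of slide 22 and the enrichment of slide 23: it parses the pipe-delimited IPS record, validates every field before it reaches the data lake, and emits a TypeQL match-insert against a hypothetical schema where the base `device` and `cve` entities are extended by a product-specific `ips-detection` relation. The schema names, attribute names and the NVD stub are all assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Only CVE ids of the documented form are accepted; anything else is rejected at ingest.
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
# Hostnames are restricted to plain label characters so a field can never break
# out of the quoted TypeQL string literal it is placed into (no query injection).
HOST_RE = re.compile(r"^[A-Za-z0-9._-]{1,253}$")

# Constructed stand-in for the NVD enrichment source (not real NVD data).
NVD_STUB = {"CVE-2022-1234": {"cvss_v3": 7.5, "cwe": "CWE-79"}}


@dataclass(frozen=True)
class IpsCveRecord:
    host: str
    seen_at: datetime
    cve_id: str
    volume: int


def parse_ips_record(line: str) -> IpsCveRecord:
    """Parse one 'host|timestamp|cve|count' line, rejecting malformed fields."""
    parts = line.strip().split("|")
    if len(parts) != 4:
        raise ValueError(f"expected 4 fields, got {len(parts)}")
    host, ts, cve, count = parts
    if not HOST_RE.match(host):
        raise ValueError(f"bad hostname: {host!r}")
    if not CVE_RE.match(cve):
        raise ValueError(f"bad CVE id: {cve!r}")
    volume = int(count)  # raises ValueError on non-numeric input
    if volume < 0:
        raise ValueError(f"negative volume: {volume}")
    return IpsCveRecord(host, datetime.fromisoformat(ts), cve, volume)


def to_typeql(rec: IpsCveRecord, nvd=NVD_STUB) -> str:
    """Match the base-schema entities, then insert the extension relation.
    CVSS from the enrichment source is attached to the CVE when the id is known."""
    enrich = nvd.get(rec.cve_id, {})
    cvss = f"$v has cvss-score {enrich['cvss_v3']}; " if "cvss_v3" in enrich else ""
    return (
        f'match $d isa device, has hostname "{rec.host}"; '
        f'$v isa cve, has cve-id "{rec.cve_id}";\n'
        f"insert {cvss}(detector: $d, vulnerability: $v) isa ips-detection, "
        f"has volume {rec.volume}, has seen-at {rec.seen_at.isoformat()};"
    )
```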