An open source community to drive the automation of cyber security operations
Organizations increasingly seek to automate (some of) their cyber security operations. This trend is particularly visible in the SOC, CERT and CTI space, where automation can (among other things) increase the speed at which threats and incidents are resolved. The need to automate cyber security operations is widely recognized and has already led to an array of commercial and technological developments. New innovations continue to emerge, however, and the Community for Open Source Security Automation Software (COSSAS) aims to make these available to interested SOC, CERT and CTI professionals. More specifically, the COSSAS initiative pursues the following mission:
To achieve this mission, COSSAS structurally releases open source solutions for cyber security automation that stem from innovation projects that its partners have been involved in. Rather than ready-for-use software platforms, these are typically innovative building blocks (software components) that community participants can deploy and trial in their own operational environments. COSSAS will feature a continuously expanding base of such software components and the community is encouraged to actively contribute to their further development. Notably, the core component (initial release) as well as all further iterations and community contributions are subjected to quality assurance by means of automated Continuous Integration (CI) pipelines. What’s more, the COSSAS partners also offer student assignments to drive the development of particular solutions.