Use Case: Support Cross sensor Correlation and Integration

Ivan Kirillov edited this page Sep 21, 2015 · 1 revision

Abstraction Level: High

Related Use Cases

Description

Sensors in the cyber domain take a variety of forms (hardware, software, etc.) and accordingly can inspect and report on a wide variety of data, ranging from low-level packets (e.g., layer 2 traffic) to application protocol traffic to an active file system on a host, to give just a few examples. Characterizing sensor output in a standard fashion via CybOX therefore lets sensors speak the same language and allows for better correlation and aggregation across this data, supporting a wide variety of other domains and use cases.
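
An added illustration of the idea above (not part of the original page, and not CybOX's own schema or tooling): constructed output from two hypothetical sensors, an HTTP sensor and a file-system sensor, is mapped into one simplified common record shape and then correlated on a shared file hash. All field names, sensor names and sample values are assumptions.

```python
from collections import defaultdict

# Constructed sample output from two hypothetical sensors, each in its own native shape.
NET_SENSOR = [  # application-protocol sensor (HTTP downloads)
    {"ts": "2015-09-21T10:00:02Z", "src": "10.0.0.5", "uri": "http://files.example/a.bin",
     "body_sha256": "AA11" * 16},
    {"ts": "2015-09-21T10:03:40Z", "src": "10.0.0.9", "uri": "http://files.example/b.bin",
     "body_sha256": "bb22" * 16},
]
HOST_SENSOR = [  # file-system sensor on an endpoint
    {"time": "2015-09-21T10:00:07Z", "host": "ws-17", "path": "C:\\Temp\\a.bin",
     "hash": {"alg": "SHA-256", "value": "aa11" * 16}},
    {"time": "2015-09-21T10:05:00Z", "host": "ws-17", "path": "C:\\Temp\\c.bin",
     "hash": {"alg": "SHA-256", "value": "cc33" * 16}},
]

def observable(sensor, obj_type, observed_at, **props):
    """Common record shape (simplified stand-in, not the CybOX schema)."""
    return {"sensor": sensor, "type": obj_type, "observed_at": observed_at, "properties": props}

def normalize_net(rec):
    # Hashes are lower-cased so the same value compares equal across sensors.
    return observable("net-1", "http-download", rec["ts"], source_ip=rec["src"],
                      uri=rec["uri"], sha256=rec["body_sha256"].lower())

def normalize_host(rec):
    if rec["hash"]["alg"].replace("-", "").lower() != "sha256":
        raise ValueError("unsupported hash algorithm")
    return observable("host-1", "file", rec["time"], hostname=rec["host"],
                      path=rec["path"], sha256=rec["hash"]["value"].lower())

def correlate(observables, key="sha256"):
    """Group by a shared property; keep groups reported by more than one sensor."""
    groups = defaultdict(list)
    for obs in observables:
        value = obs["properties"].get(key)
        if value is not None:
            groups[value].append(obs)
    return {v: g for v, g in groups.items() if len({o["sensor"] for o in g}) > 1}

def run():
    merged = [normalize_net(r) for r in NET_SENSOR] + [normalize_host(r) for r in HOST_SENSOR]
    return correlate(merged)

if __name__ == "__main__":
    for value, group in run().items():
        print(value[:12], [(o["sensor"], o["type"], o["observed_at"]) for o in group])
```

The two sensors report the same hash in different fields and different letter case; only after both are expressed in the common shape does the download on the wire line up with the file written on the endpoint.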

Applicable Domains

  • Indicator sharing
  • Incident response
  • Malware analysis