STORM - Collaborative Security Management Environment

Ntouskas, Theodoros; Pentafronimos, George; Papastergiou, Spyros

doi:10.1007/978-3-642-21040-2_23

Cited by 6 publications

(9 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The lack of interoperability among security tools results in more responsibility on human experts (briefly explained in section 5.2) and leads to redundant, complex, inefficient incident response process. Existing security management and risk assessment solutions are not designed to collaborate [77]. These solutions do not consider several aspects that affect the evaluation criteria of the threats and vulnerabilities thus make the security procedures incomplete.…”

Section: Technical Challengesmentioning

confidence: 99%

“…Learning. A set of studies have used Artificial Intelligence (AI) technique and game theory model to make security system intelligent [21,44,48,66,73,77]. McAfee has proposed to expand the security orchestration platform capabilities by including behavioral security; for example, pre-execution, postexecution, machine learning and more [12].…”

Section: 23mentioning

confidence: 99%

“…Most of the security orchestration platforms assume that organizations already own multivendor security tools. Several papers have mentioned a range of security tools while designing orchestration platform for small to the medium organizations [13,17,29,49,60,66,77,101,108]. Some key types of security tools used by organizations are SIEM, forensics tools, signature-based control tools, firewall, IDS/IPS, anti-malware, antivirus, perimeter security tools, ticketing solutions, traffic inspection tools, compliance tools and vulnerability scanners [43,108,115].…”

Section: Resource Typementioning

confidence: 99%

“…Zonouz et al [42] have mentioned an online evaluation framework to help administrators. For a coordination model, the work reported in [77] has proposed four groups of users where they have considered security and business continuity team as a group and administrator as another group. The other two groups are a group of local users and group of external or corporate users [77].…”

Section: Resource Typementioning

confidence: 99%

“…For a coordination model, the work reported in [77] has proposed four groups of users where they have considered security and business continuity team as a group and administrator as another group. The other two groups are a group of local users and group of external or corporate users [77]. Security teams vary by size, vertical and expertise and what an organization needs from threat intelligence [86].…”

Section: Resource Typementioning

confidence: 99%

See 4 more Smart Citations

A Multi-Vocal Review of Security Orchestration

2019

View full text Add to dashboard Cite

Organizations use diverse types of security solutions to prevent cyber-attacks. Multiple vendors provide security solutions developed using heterogeneous technologies and paradigms. Hence, it is a challenging rather impossible to easily make security solutions to work an integrated fashion. Security orchestration aims at smoothly integrating multivendor security tools that can effectively and efficiently interoperate to support security staff of a Security Operation Centre (SOC). Given the increasing role and importance of security orchestration, there has been an increasing amount of literature on different aspects of security orchestration solutions. However, there has been no effort to systematically review and analyze the reported solutions. We report a Multivocal Literature Review that has systematically selected and reviewed both academic and grey (blogs, web pages, white papers) literature on different aspects of security orchestration published from January 2007 until July 2017. The review has enabled us to provide a working definition of security orchestration and classify the main functionalities of security orchestration into three main areas -unification, orchestration, and automation. We have also identified the core components of a security orchestration platform and categorized the drivers of security orchestration based on technical and socio-technical aspects. We also provide a taxonomy of security orchestration based on the execution environment, automation strategy, deployment type, mode of task and resource type. This review has helped us to reveal several areas of further research and development in security orchestration. CCS ConceptsGeneral and reference → Survey and overviews; Security and privacy; Software engineering Additional Key Words and PhraseSecurity orchestration, security automation, multivocal literature review, intelligent security assistant.

show abstract

Section: Technical Challengesmentioning

confidence: 99%

Section: 23mentioning

confidence: 99%

Section: Resource Typementioning

confidence: 99%

Section: Resource Typementioning

confidence: 99%

Section: Resource Typementioning

confidence: 99%

See 3 more Smart Citations

A Multi-Vocal Review of Security Orchestration

2019

View full text Add to dashboard Cite

show abstract

Open Issues and Proposals in the IT Security Management of Commercial Ports: The S-PORT National Case

Polemi

Ntouskas

2012

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

Commercial ports are large scale infrastructures which their Information and Telecommunication (PIT) systems offer critical services and host sensitive data. However the current maritime legislation or standardization efforts do not sufficiently cover the IT security of the commercial ports. Identifying these needs we propose a collaborative environment offering security management services including a targeted risk management methodology which will help commercial ports to self manage their security.

show abstract