notes/cisco_team_history.org

Yann Esposito (Yogsototh) 2021-09-18 12:36:38 +02:00
parent a2de5e68e6
commit 9a53efa538
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646

@ -17,3 +17,10 @@
To my understanding, the main idea behind Playbooks was to have a kind of
meta system built by domain experts.
The end goal being to have a "smart view" of the complexity of a threat.
Being able to discover complex links between different warnings from
different places in the system.
For example one of the first mission given to the rule engine (and also
Jyoti worked on part of it at the beginning of the creation of this team)
was to generate COAs (Course of Actions) from Sightings.
This give a better idea about the potential
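
Review bot: the last visible line of this hunk, "This give a better idea about the potential", stops mid-sentence, so as shown the paragraph never says what generating COAs from Sightings gives a better idea of; complete that sentence. In the same lines, "This give" should read "This gives", "one of the first mission given" should read "one of the first missions given", and "Course of Actions" is normally written "Courses of Action". The parenthetical about Jyoti interrupts the sentence about the rule engine's first mission; moving it into its own sentence would make the COAs-from-Sightings point easier to follow.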