Outline
● Motivation
● Functionalities
● Literature Survey
● Architecture
● Requirements
● Design Steps
● ER Diagram
● Results
● Challenges
● Future Scope
● Timeline
Motivation
● Cybersecurity breaches lead to serious organizational and
socio-economic consequences, such as loss of revenue, damage to
reputation and information systems, and theft of proprietary data
and sensitive customer information.
● Organizations have multiple security tools to detect, investigate
and remediate. But these can't be integrated together, which leads
to a huge amount of inefficiency and wasted time.
● They also don't have any documented process to follow and rely
only on their knowledge. Security Orchestration remedies these
challenges by bringing together various tools and streamlining the
processes.
Functionalities
Literature Survey
● Organizations lack a single security tool that can process
the whole of the security operations. Isolated security tools
are considered poor communicators and cannot always
assume the presence of another tool.
● According to the literature, there are multiple paid enterprise
solutions already available in the market which help users
orchestrate and integrate their different security tools, but
there are very few open-source solutions in this area which
can satisfy the needs of CxOs and organizations.
● HP reported 48% of their recorded cyber-attacks were from
known vulnerabilities that are 4-5 years old.
https://www.mcafee.com/enterprise/en-us/assets/infographics/infographicautomation-orchestration.pdf
https://www.forescout.com/wp-content/uploads/2017/04/Protecting-theConnection-Lifecycle-ForeScout-White-Paper.pdf.
Architecture
ER Diagram
Results
Challenges
● Starting, scaling, and load-balancing of the containers in real
time
● Designing the architecture in such a way that new scanners can be
easily integrated
● Orchestrating multiple containers ensuring efficiency
● Parsing data feeds received from multiple containers
● Ensuring security of the containers we are using
● De-duplicating vulnerabilities and prioritizing them with high
accuracy
Future Scope
● Define our own model using our own collected data runs in
real-time.
Timeline