ECSA 2020
Mon 14 - Fri 18 September 2020 L'Aquila, Italy

Abstract. Security Operation Centers (SOC) leverage a number of tools to detect, thwart and deal with security attacks. One of the key challenges of a SOC is to quickly integrate security tools and operational activities. To address this challenge, an increasing number of organizations are using Security Orchestration, Automation and Response (SOAR) platforms, whose design needs suitable architectural support. This paper presents our work on architecture-centric support for designing a SOAR platform. Our approach consists of a conceptual map of a SOAR platform and the key dimensions of an architecture design space. We have demonstrated the use of the approach in designing and implementing a Proof of Concept (PoC) SOAR platform for (i) automated integration of security tools and (ii) automated interpretation of activities to execute incident response processes. We also report a preliminary evaluation of the proposed architectural support for improving a SOAR’s design.

Thu 17 Sep
Times are displayed in time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna

14:30 - 15:30: S8: Performance and Security
Paper Presentations / Journal First / Industry Program / Workshops / Research Papers / JSS Special Issue / Doctoral Symposium / Gender Diversity in SA / Tool Demos / Social at ECSA 2020 Teams Channel
Chair(s): Nicole Levy (Conservatoire National des Arts et Métiers), Barbora Buhnova (Masaryk University)

Virtualization support: Roberta Capuano

14:30 - 14:50
Research Papers
Chadni Islam (The University of Adelaide), Muhammad Ali Babar, Surya Nepal (CSIRO)
14:50 - 15:10
Journal First
Walt Scacchi (University of California, Irvine), Thomas Alspaugh (University of California, Irvine)
15:10 - 15:30
Research Papers
Dominik Werle (Karlsruhe Institute of Technology), Stephan Seifermann (Karlsruhe Institute of Technology), Anne Koziolek (Karlsruhe Institute of Technology)