Comments (2)
adammontville
commented on July 18, 2024
That's a good suggestion. Then, as we drill down into containers and components, we could consider depicting different deployment models as well (the SCAM architecture supports remote and agent-based collection).
from documentation.
warrenrjwc
commented on July 18, 2024
For the SACM OCA diagram (https://github.com/MitchellJThomas/documentation/blob/initial-c4-diagrams/README.md) I have some questions (love the diagram!)
(1) Should Queries be two way arrows? (perhaps not all boxes but some), as SIEMs, SOARS, etc query for information as well as receive queries.
(2) I am a bit confused on the multiple endpoint boxes (2 down the bottom and an EDR box above). Why are these multiples?
(3) Does Data Fabric represent STIX-Shifter (per original diagram)? If so, it currently supports specific queries only (for observable objects). Perhaps we need to denote this?
(4) Does Integration Service represent OpenDXL (per original diagram)? If so, perhaps a more descriptive name would be appropriate (like Communications service/common message bus/...). I do not think Integration Service clearly represents OpenDXL.
(5) For the SOAR box, is O and A - operations and automation? Should the SOAR box have a query/response arrow?
(6 For the SIEM box, the arrow has logs and network data. This seems only partially true (they can collect asset info, vulnerability data, risk info and much more). Perhaps we should label it more generically (like you did for the threat intelligence box)?
from documentation.
Related Issues (18)
- Need to define what this repo is for HOT 2
- Architecture: Security Automation Workflow Enumeration HOT 2
- Update readme
- How is the security system secured from attackers? HOT 6
- Manager component - unclear what it is HOT 1
- Do usecase document in markdown instead of pdf to allow PR's HOT 1
- Architecutre diagram viewpoint HOT 17
- Fix broken images links in readme HOT 1
- Create System Landscape Diagram (C4) to capture high level OCA architecture
- Create C4 diagrams for Threat Intelligence Sharing System
- Need to evolve the architecture terminology document (iterative approach)
- Align SCAP with OpenDXL Ontology. HOT 2
- Evolve our current use cases to drive our architecture definitions
- Suggestion: Diagrams and Documents should include an Acronym Table HOT 1
- This repo need a license file HOT 4
- broken links on root README
- Architecture: Investigate C4 Model for Diagrams HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from documentation.