Comments (9)
Hi everyone. Earlier, Bill and I worked on trying to model some of the architecture using C4 modeling notation. I've attached our first pass as a series of PDF files starting with context, going into container, and then drilling down to components. The context only has a few systems represented: Threat Intelligence Sharing System (probably found somewhere in our existing diagrams), Configuration Policy Management System, and Posture Assessment System (the SCAPv2 architecture work).
We weren't quite sure if we were walking down the right path, but it's at least a start.
What would be great is if we got a couple of people to join the effort on the threat intelligence side, so that we could drill down from context into containers and components and show the more detailed points of connection.
context.pdf
container.pdf
component.pdf
from documentation.
Bill found this McAfee Threat Intelligence Exchange overview that depicts ePolicy Orchestrator, Threat Intelligence Exchange Server, and Threat Intelligence Exchange VirusScan Enterprise Module - each connected via OpenDXL. What it doesn't depict is the categorical information going between them. I wonder if we couldn't use this as a start to show contextual connections in the diagrams we created.
@adammontville Bill and I are planning on creating the next revision of the original C4 diagrams (attached to this issue and now in the branch mentioned above) and will create a Pull Request to include them in master if they are deemed acceptable by the architecture team.
See #14 for activity on the diagrams.
I like the use of the Threat Intelligence Exchange overview but want to depict functional (vs product) interchanges. I think the key item we need to draft is the missing part you mentioned (the information exchanged between components). Can you map these products to the functions and align that with our current draft architecture?
@warrenrjwc, I think we could do that. What I'm hoping for is a breakdown of what those functions are right now - I don't have the necessary insight into the threat intelligence subdomain myself to decompose the product view of the Threat Intelligence Exchange overview and then to identify the information that is being exchanged (at least not without making many assumptions).
@wmunyan @adammontville and I are working on a new PR (this one from Bill's account) with further updates.
On to part three!
We should close this issue, as we have looked into the C4 model tool to use to draw our architecture diagrams and it seems to be useful for organizing these diagrams.
Related Issues (18)
- Need to define what this repo is for
- Architecture: Security Automation Workflow Enumeration
- Update readme
- How is the security system secured from attackers?
- Manager component - unclear what it is
- Posture Collection System
- Do usecase document in markdown instead of pdf to allow PR's
- Architecture diagram viewpoint
- Fix broken images links in readme
- Create System Landscape Diagram (C4) to capture high level OCA architecture
- Create C4 diagrams for Threat Intelligence Sharing System
- Need to evolve the architecture terminology document (iterative approach)
- Align SCAP with OpenDXL Ontology.
- Evolve our current use cases to drive our architecture definitions
- Suggestion: Diagrams and Documents should include an Acronym Table
- This repo need a license file
- broken links on root README