First off, we would like to thank Dan Blum and the Burton Group for
organizing and hosting the CES SIG last month in San Diego.
Also, thanks to Ian Dobson for recording the meeting minutes.
These minutes, as well as the presentations, are provided in the
attached ZIP archive.
The MITRE Corporation
From: Dan Blum [mailto:[hidden email]]
Sent: Tuesday, 22 July 2008 18:32
To: Dan Blum
Subject: CES SIG report and presentation materials
Dear Catalyst Common Event Standard (CES) attendees:
I think we can declare the event a success from the information
exchange perspective, and the lead up work that some of the key
participants put into understanding the parameters of XDAS and CEE
collaboration. Thank you very much for your part in this and for
attending the Catalyst CES SIG last month!
The attached zip file contains the presentations delivered at the CES
SIG, and also the notes from the event as taken by Ian Dobson.
There are also three follow up opportunities for those interested in
continuing to pursue the path towards a unified log and event
representation standards framework:
- The CEE plans to expand its scope of activities under a
Mitre-facilitated self-governing editorial board. The plan for now is
that collaboration with XDAS participants and other contributors will
take place under this framework. CALL TO ACTION: Sign up to join the
CEE discussion list (http://cee.mitre.org/discussiongroup.html) to
keep abreast of standardization and collaboration activities as they
evolve under this framework.
- The collaboration environment, including a wiki, set up during the
preparation for the CES, is being opened for access to all SIG
attendees or interested parties. The same collaboration environment
may be used to support CEE. Initially, this offer is for read only
access but those that are interested in contributing can arrange an
individual account. CALL TO ACTION: check out the wiki (which has
documents on event standard terminology and use cases) at
http://18.104.22.168:8080/web/guest/home through the shared account
(username: "visitor" and password "standards"), follow the links to
"team sharing" and "standards" and you'll see the link to "wiki" and
other links on the left.
- Going to Blackhat / Defcon? A face to face CEE Meet Up is planned.
Current plans are to meet on Friday, 8 August 2008 at 12 noon outside
the DefCon registration area at the Riviera Hotel & Casino. The group
will organize there and then find a place to talk.
Please feel free to email myself or Bob ([hidden email]) if
you have any questions.
Let the momentum towards a unified log and event representation
standards framework continue!
Senior VP, Principal Analyst
Security and Risk Management Strategies