Published July 2, 2024 | Version v1
Conference proceeding Open

A SOAR platform for standardizing, automating operational processes and a monitoring service facilitating auditing procedures among IoT trustworthy environments

  • 1. ROR icon Institute of Communication and Computer Systems

Description

Advanced Threat Intelligence Orchestrator (ATIO) is a sophisticated middleware solution designed to enhance unified threat management (UTM) monitoring processes by adhering Security Orchestration Automation Response (SOAR) capabilities. This paper provides a detailed overview of ATIO, highlighting its multitasking capabilities 
towards coordinating information from different types of tools, usually bringing with them different types of data.  Also, it gives some details on the system implementation and some indicative operational workflows. Central to ATIO's functionality is its ability to concurrently or sequentially automate the execution and processing steps of 
multiple workflows, while adhering to cyber security standards, organization policies and regulations. The design of ATIO is flexible, accommodating various interconnected services and tools to meet specific requirements, as well as diverse infrastructure interfaces, accommodating different specifications seamlessly adhering standardized 
formats and Cyber Threat Information (CTI) languages, such as STIX2.1. This integration enhances interoperability and expands the scope of cyber-threat intelligence operations by enabling connectivity with various systems anddiversified data types. Moreover, ATIO automation nature, boosting detection and acknowledge efficiency and responsiveness in threat intelligence operations. It enables users to alter and filter workflow steps, preparing information for correlation and tracking cyber threat information (CTI) effectively. Additionally, ATIO includes robust mechanisms for monitoring user actions within the system, ensuring accountability and providing valuable 
insights into operational activities.

Files

A SOAR platform for standardizing, automating operational processes and a monitoring service facilitating auditing procedures among IoT trustworthy environments.pdf