IACD Library
IACD Documents

The following topics are used to categorize the documents:

  • Architecture
  • Orchestration
  • Playbooks
  • Interoperability
  • Trust
  • Other
  • Video

Date Topic Document Name Description Link to Document
Spiral Summaries
Why IACD Playbooks?
What’s in a Playbook?
How to Build a Playbook
Toward a Capability-Based Architecture for Cyberspace Defense
Integrated Adaptive Cyber Defense (IACD) Playbooks
Active Cyber Defense: A Vision for Real-Time Cyber Defense
Enabling Distributed Security in Cyberspace
IACD Spiral 0 Quick Reference: Make It Real
IACD Spiral 1 Quick Reference: Scalability and Automated Indicator Sharing
IACD Spiral 2 Quick Reference: Risk- and Mission-Based COA Selection
IACD Spiral 3 Quick Reference: Anomalous Behavior Mitigation and COA Sharing
IACD Spiral 4 Quick Reference: Message Fabric Interoperability/Interchangeability
2017/10 Integration Standards: Sustainable Orchestration
2017/10 Automating Critical Security Controls: Barriers and Opportunities
2017/10 Orchestration as-a-Service (OaaS)
2017/10 Meeting in the Middle: Bridging the IACD Adoption Gap
2017/10 Autoimmunity
2017/10 Automated Recovery in an IT/OT Environment
2017/10 Integrated Cyber Defense Working Group (ICD WG) Introduction
2017/10 Integration Community of Interest Kickoff
2017/10 CIS Playbook Breakout Jam Session
2017/10 Challenges of Brokering Information between Trust Communities and Governments
2017/10 Reaching Out to Small/Medium Stakeholders in a Sector
2017/10 Playbooks IACD Playbooks 101: A Common and Consistent Approach to Playbook Fundamentals
2017/10 IACD Spirals Overview
2017/10 IACD 101: What Everyone Ought to Know About IACD
2017/10 AIS 101: Automated Indicator Sharing (AIS)
2017/10 From “Groundhog Day” to “Independence Day”: Scripting Your Cyberdefense Movie
2017/10 Integrated Cyber: Accelerating the Speed and Scale of Cyber Defense
2017/10 Opening Key Note for the Integrated Cyber Forum (October 2017)
2017/03 IACD Integrator Partnerships
2017/03 Rapid Interoperability via Open Interfaces
2017/03 California Energy Systems (CES) for the 21st Century (CES-21)
2017/03 IT/OT Breakout Session: Cyber Defense of Bridging IT/OT
2017/03 Orchestration Services Specification & Community
2017/03 Cyber Threat Information Sharing and AIS
2017/03 Symantec OpenC2 Proxy
2017/03 Look Ma, No Hands! (World Wide Technology [WWT] Brief)
2017/03 JHU/APL Brief: Integrated Adaptive Cyber Defense (IACD) Community Day
2016/02 Application of Message Fabrics to SRCE Systems
2015/10 Integrated Adaptive Cyber Defense Spiral 3 Community Day Brief
2016/10 Integrated Adaptive Cyber Defense Spiral 5 Community Day Brief
2017/04 Advancing the Global Health Sector’s Cyber and Physical Security
2017/04 Engaging Small to Middle Healthcare and Public Health
2017/04 Healthcare Cybersecurity & Information Sharing
2017/04 HITRUST Brief
2017/04 Automated Indicator Sharing (AIS)
2017/10 IACD Baseline Architecture
2017/10 Autoimmunity for Cyber Threat Information Sharing
2017/10 Integrated Adaptive Cyber Defense (IACD) Reversibility Thoughts
2017/10 How to Build an IACD Playbook
2017/10 Playbooks Integrated Cyber Playbook Jam Final
2017/10 Playbooks Autoimmunity Playbook for Information Brokers
2017/10 Playbooks Investigate Loss of Internal Service and Rebuild Server Playbook
2017/10 Playbooks Introduction to Integrated Adaptive Cyber Defense (IACD) Playbooks The intent of this paper is to be a starting point for conversation with the IACD community on harmonizing the security automation playbook concept to foster agreement on the amount of specificity contained within playbooks.
2017/10 Playbooks Types of Content within an IACD Playbook This paper is a continuation of the “Introduction to Integrated Adaptive Cyber Defense (IACD) Playbooks” document and discusses the various types of content IACD believes should be contained within every playbook.
2017/02 Other Integrated Adaptive Cyber Defense (IACD) Reference Solution for Automated Triage and Enrichment of Indicators and Alerts This document provides the base technical content to engage the IACD community to define what type of information a reference solution should contain and allow them to populate or improve the content. The goal is to collaboratively create both a specific reference solution that the community can use to implement automated enrichment of cyber threat indicators and a format to document demonstrated IACD functionality.
2016/12 Architecture Integrated Adaptive Cyber Defense (IACD) Baseline Reference Architecture This document provides an updated description of the concept, general functions, and architectural construct for IACD.
2017/08 Orchestration Integrated Adaptive Cyber Defense (IACD) Orchestration Thin Specification, Version 2.0 This document describes the minimum set of requirements and specifications for the orchestration services of IACD.
2017/06 Trust Protecting Your Defenses: Security Considerations for Orchestration Services This paper is meant to support an organization with initial planning and/or discussions with commercial providers and, as such, does not strive for completeness with respect to these issues.
2017/06 Interoperability Fast, Flexible, and Sustainable: Bringing “and” to Cybersecurity Automation and orchestration are the trend in cybersecurity operations, but different integration models leave organizations choosing among speed, scale, and time to value.
2017/08 Orchestration Trends In Technology: Orchestrators Orchestration. It’s the new hot topic in cybersecurity interoperability and automation. This handout provides you with a quick analysis of some of the common characteristics and operationally critical features of these rapidly maturing technologies. Whether you’re interested in purchasing orchestration products or just trying to keep up with the latest trends in technology, take a few minutes to see what many of them can offer.