Přehled o publikaci

This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's data.