Cybersecurity Automation Workshop

2-June-2022 DC CAW

Cybersecurity Automation Workshop

CAW logo


Cybersecurity Automation Workshops are a series of events to prototype and test interoperability among cybersecurity automation technologies. The most recent Workshop was held 2-June-2022 at the AT&T Forum in Washington, DC and focused on supporting the goals of EO 14028 and the Open Source Software Security Mobilization Plan.

EO 14028

Executive Order 14028 states that “Prevention, detection, assessment, and remediation of cyber incidents is essential to national and economic security” and establishes requirements for Federal Information Systems, including:


The Workshop took place 9AM-5PM EDT 2 June 2022.

The four keynote speakers were:

The remaining was spent either:

See Agenda for more details.

Pre-Workshop Homework: Prior to the workshop, attendees were encouraged to familiarize themselves with the organizations participating, what they will be bringing to the workshop, and the use cases being demonstrated.

This ‘pre-workshop’ material is still useful post-workshop.

For the working sessions, the group split into two parallel tracks with some common time.


See results

Sweat Equity

To learn more about what participants are bringing to the workshop, see Sweat Equity



Registration has closed. If interested, contact organizers.


The AT&T Forum is located at 601 New Jersey Avenue NW, Washington, DC 20001.

Thank you to AT&T for hosting the event for us.

Light refreshments will be provided - thanks again to AT&T.

Lunch is being brought in to maximize workshop time - thanks to Cybeats.


The workshop will follow AT&T Forum COVID-19 Guidelines CovidPg1, CovidPg1.

TL;DR - Vaccination required. Masks required.

Networking And Work Spaces

We will have multiple spaces within the Forum, specifically:

The large meeting space will be used for keynotes and the morning non-technical interworking session (see the Agenda). The available spaces will be used flexibly as-needed during the afternoon technical interworking session.

The Forum will provide secured WiFi (SSID + password) which will support outbound Internet access (e.g., to connect to the HII-provided message brokers). Inbound connections will not be supported.

Remote Access

A zoom link was provided for virtual participation.


Open to all. Free. Registration is required.

Should we reach limits (if any) on the number of physical attendees, some sort of rules will need to be worked out, well in advance, on who is eligible to attend. Rules would probably be based on sweat equity, distance traveled, a quota (ie to spread attendance across the orgs involved), with a tie-breaker to who registers first.

Participating Organizations Strictly speaking none (ie workshop is a collection of individuals getting together to understand and get stuff interoperating for the common good). It is an OASIS sponsored event but does not require OASIS membership to attend.

Individuals have already volunteered contributions bringing together the work of the following:


To learn more how the work of these organizations will be specifically used in this workshop, see OrgMashup

Objective, Goals, Focus Attendees should walk away feeling that they have had a positive engagement with their peers and have more confidence cybersecurity automation is in a better state because of effort put into the Workshop.

The objective is demonstrating working interoperating systems contributing to cybersecurity automation, particularly across different participants and across the different standards and organizations in this mashup of meetups.

The method to achieve the objective will be demonstration(s) of use cases.

There may be a certain amount of hackathon to fill in the gaps to complete missing aspects of the use cases.

The focus of the Workshop is really up to the participants and what they bring for interworking. At least some participants are focusing on PACE use cases involving getting/retrieving/evaluating SBOMs/VEXs/CVEs/… including the larger context playbooks in which this is a part, and the subsequent actions taken as a result.

put in pithy meaty example here and ref to rest in use cases.

The Workshop is NOT a bakeoff. The goal is interworking, not ‘picking a winner’ among multiple standards (e.g. focus on transforming between SPDX/CycloneDX instead of focusing on the differences or which is better for a given ecosystem/usecase).

The Workshop is NOT a trade show or beauty pageant. Vendors (and open source projects) can shill their products only in the context of meeting the interworking interfaces (even if it’s with the “hand-waving” lycan). Consider the Code of Conduct to have “vendor” added to the harassment-free list. Talk up your value, don’t talk down your competitors.

Technical Details for Interoperation

see TechDetails for more details on decisions being made on how to get stuff to work together.

Demo Use Cases

In the ideal world, the workshop would perform a live demonstrate one complicated use case that evolved from quiet to under attack touching many different child use cases involving all the orgs and all the participants.

Being the real world, and early in our cybsersecurity automation journey, the workshop will involve a series of demonstrations - some live, some tabletop - touching various interworking scenarios. And they probalby won’t all work, so a certain amount of hackathon will also be taking place to add missing lycans or fixing bugs so that interworking can occur.

More details on exactly is planned is at DemoUseCases

Previous Events

Results from the two previous workshops, and other related events, can be found at Previous Workshops


This workshop is being organized by one passionate individual volunteer who was unelected and will be running it on the D-cubed model (Duncan/democratic/dictator). Hopefully others will step in to help and we’ll evolve to spread the joy around.

Code of Conduct TL;DR - don’t be a jerk.

In the interest of fostering an open and welcoming environment, we as organizers and participants pledge to making participation in our projects and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.

See Code of Conduct for the complete code of conduct.


Join the mailing list:

Join the organizing committee: See the mailing list archives for meeting announcements, surveys, and how to help.

Contribute to this website: Click on the GitHub button at the top of this page. See Contributing

Support or Contact

Need help with contributing to this page - click on the github repo link in the banner at the top

Want to know more? Contact info can be found in the github repo.

Having trouble with Pages? Check out our documentation or contact support and we’ll help you sort it out.

CAW logo