CSNF Documentation - Spring 2022 Update

This page contains information on the Spring 2022 Cloud Security Notification Framework release, code named Birthday Cake. The goal of showing a real-world implementation is to demonstrate the art of the possible. We wanted to try and capture a day in the life of a multi-cloud security operations center or SOC. As we have mentioned before, the SOC is constantly overwhelmed. Analysts are drowning in security alerts, with far too many threats to investigate and resolve.

CSNF Birthday Cake

Cloud Security Notification Framework Specification

This section and those that follow lay out the specifications for the ONUG Cloud Security Notification Framework that was established in the Winter and Spring of 2021. It addresses the CSNF project’s Scope and Use Cases, describes both the Provider and Consumer Experiences, introduces the Canonical Data Model, and explains the key “Decorator” concept.

Core Components

What are the key components of the CSNF?

Contribution Guidelines

CSNF birthday-cake

CSNF demo-service (archived)

The CSNF demo-service is a typescript application that provides minimal functionality to allow security researchers and security developers to become familiar with the CSNF Decorator. The application can be easily deployed using Docker.

Last modified April 12, 2022: updated image (48bbb16)