This is a very preliminary use case summary, more detailed use cases are being produced.
- Protection of critical infrastructure through information sharing and analytics. Specific use cases for the electric grid (Duke Energy)
- Large company understanding and acting on its threat/risk landscape
- Fusion center “connecting the dots” by federating multiple data sources
- California Governor’s Office of Emergency Services fusing BioWatch and other data for better decision making
- Integration of STIX (Cyber) data with physical threats and risks for all-hazards
- Retail Sector Point of Sales Attack
- Securing the supply chain for Air Force avionics
- Physical attack on Transformer Yields Cyber and Kinetic Effects
- Threat to electronic healthcare records
- DoD Information Sharing Portal
- Federating information for evaluating the trust of individuals and organizations
- Victim information compromise
- Theft of laptop exposes credentials resulting in loss of confidential information
- State Cybercrime Investigation
- Aligning risk models along the dependencies between systems
- Response to natural disaster as illustrated in the Snowmageddon use case.
- Cyber Domain
- Targeted Spear-Phishing Attacks
- Drive-By Watering Hole Attacks
- Supply Chain Attacks
- Acquisition Attacks
- PITMBX Attacks
- Holiday Season Large Scale Attacks
- USB in the Parking Lot Attacks
- Provisioning Process Attacks
- USB at the Meeting Attacks
- Conference Hotel Attacks
- Trojan Horse Attacks (Modernized)
- Perimeter Attacks
- Home Employee Attacks