├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── IOC ├── AA20-352A.stix2.json ├── apt1.stix2.json └── imddos.stix2.json ├── LICENSE.md ├── OCA-1.png ├── README.md ├── charter.md └── docs ├── 2021-10-18_HII_PACE-Prototype-Update.pdf ├── Arch ├── OC2_Get_SBOM_Arch.png ├── OC2_Get_SBOM_Seq.png ├── README.md ├── pace_arch_1.drawio ├── pace_arch_1.png ├── pace_arch_2.drawio ├── pace_arch_2.png ├── pace_arch_3.drawio ├── pace_arch_3.png ├── par_01.drawio ├── par_01.png ├── pcs_01.drawio ├── pcs_01.png ├── pes_01.drawio └── pes_01.png ├── FAQ └── README.md ├── Linked_Collection_Evaluation_Concept.md ├── PACE_Process_Per_RFC7632.pdf ├── Plugfests └── 2202-06-CAW-DC │ ├── README.md │ └── sFractal │ ├── Images │ ├── c2c.01.drawio │ ├── c2c.01.png │ ├── pace_arch_3.drawio │ └── pace_arch_3.png │ └── README.md ├── ProjectSpecification ├── Pace-v1.0.0-psd01.md ├── images │ └── image_1.png ├── styles │ ├── markdown-styles-v1.7.3.css │ └── markdown-styles-v1.7.3a.css └── template-README-v1.1-OP.txt ├── RFC7632-Posture-Assessement-Building-Blocks.xlsx ├── SACM_and_OpenC2_Concept.pdf ├── SCAPv2 ├── Data Collection Architecture Sub-Group - Fall Workshop Briefing.pdf ├── SCAP v2 Data Collection Architecture 20200818.docx.pdf └── SCAPv2 and OpenC2.pdf ├── UseCases ├── Images │ ├── CollectSbomFromDevice.png │ ├── CollectSbomFromDevice2.png │ ├── CollectSbomFromUrl2.png │ ├── CollectSbomWithCommand.png │ ├── EnterprisePosture.drawio │ ├── EnterprisePosture.png │ ├── ips-pcs-pes-usecase.png │ ├── retrieve_sbom_01.png │ ├── retrieve_sbom_02.png │ ├── retrieve_sbom_03.png │ └── stix-pcs-pes-usecase.png ├── Pace_Sbom_Vex_Flags_Prioritization │ ├── IE01.png │ ├── IIA01.png │ ├── IIID01.png │ └── README.md ├── README.md ├── collect_sbom_from_device.md ├── collect_sbom_from_url.md ├── collect_sbom_with_command.md ├── enterprise_security_posture.md ├── ips-pcs-pes-usecase.md ├── retrieve_sbom.md └── stix-pcs-pes-usecase.md ├── oval-samples ├── oval-sample-collection-only.xml └── oval-sample-full-policy.xml ├── sacm-architecture.png └── seq-linked-pcs-pes.png /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/.gitignore -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /IOC/AA20-352A.stix2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/IOC/AA20-352A.stix2.json -------------------------------------------------------------------------------- /IOC/apt1.stix2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/IOC/apt1.stix2.json -------------------------------------------------------------------------------- /IOC/imddos.stix2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/IOC/imddos.stix2.json -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/LICENSE.md -------------------------------------------------------------------------------- /OCA-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/OCA-1.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/README.md -------------------------------------------------------------------------------- /charter.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/charter.md -------------------------------------------------------------------------------- /docs/2021-10-18_HII_PACE-Prototype-Update.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/2021-10-18_HII_PACE-Prototype-Update.pdf -------------------------------------------------------------------------------- /docs/Arch/OC2_Get_SBOM_Arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/OC2_Get_SBOM_Arch.png -------------------------------------------------------------------------------- /docs/Arch/OC2_Get_SBOM_Seq.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/OC2_Get_SBOM_Seq.png -------------------------------------------------------------------------------- /docs/Arch/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/README.md -------------------------------------------------------------------------------- /docs/Arch/pace_arch_1.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_1.drawio -------------------------------------------------------------------------------- /docs/Arch/pace_arch_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_1.png -------------------------------------------------------------------------------- /docs/Arch/pace_arch_2.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_2.drawio -------------------------------------------------------------------------------- /docs/Arch/pace_arch_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_2.png -------------------------------------------------------------------------------- /docs/Arch/pace_arch_3.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_3.drawio -------------------------------------------------------------------------------- /docs/Arch/pace_arch_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pace_arch_3.png -------------------------------------------------------------------------------- /docs/Arch/par_01.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/par_01.drawio -------------------------------------------------------------------------------- /docs/Arch/par_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/par_01.png -------------------------------------------------------------------------------- /docs/Arch/pcs_01.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pcs_01.drawio -------------------------------------------------------------------------------- /docs/Arch/pcs_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pcs_01.png -------------------------------------------------------------------------------- /docs/Arch/pes_01.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pes_01.drawio -------------------------------------------------------------------------------- /docs/Arch/pes_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Arch/pes_01.png -------------------------------------------------------------------------------- /docs/FAQ/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/FAQ/README.md -------------------------------------------------------------------------------- /docs/Linked_Collection_Evaluation_Concept.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Linked_Collection_Evaluation_Concept.md -------------------------------------------------------------------------------- /docs/PACE_Process_Per_RFC7632.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/PACE_Process_Per_RFC7632.pdf -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/README.md -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/sFractal/Images/c2c.01.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/sFractal/Images/c2c.01.drawio -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/sFractal/Images/c2c.01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/sFractal/Images/c2c.01.png -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/sFractal/Images/pace_arch_3.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/sFractal/Images/pace_arch_3.drawio -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/sFractal/Images/pace_arch_3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/sFractal/Images/pace_arch_3.png -------------------------------------------------------------------------------- /docs/Plugfests/2202-06-CAW-DC/sFractal/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/Plugfests/2202-06-CAW-DC/sFractal/README.md -------------------------------------------------------------------------------- /docs/ProjectSpecification/Pace-v1.0.0-psd01.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/ProjectSpecification/Pace-v1.0.0-psd01.md -------------------------------------------------------------------------------- /docs/ProjectSpecification/images/image_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/ProjectSpecification/images/image_1.png -------------------------------------------------------------------------------- /docs/ProjectSpecification/styles/markdown-styles-v1.7.3.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/ProjectSpecification/styles/markdown-styles-v1.7.3.css -------------------------------------------------------------------------------- /docs/ProjectSpecification/styles/markdown-styles-v1.7.3a.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/ProjectSpecification/styles/markdown-styles-v1.7.3a.css -------------------------------------------------------------------------------- /docs/ProjectSpecification/template-README-v1.1-OP.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/ProjectSpecification/template-README-v1.1-OP.txt -------------------------------------------------------------------------------- /docs/RFC7632-Posture-Assessement-Building-Blocks.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/RFC7632-Posture-Assessement-Building-Blocks.xlsx -------------------------------------------------------------------------------- /docs/SACM_and_OpenC2_Concept.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/SACM_and_OpenC2_Concept.pdf -------------------------------------------------------------------------------- /docs/SCAPv2/Data Collection Architecture Sub-Group - Fall Workshop Briefing.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/SCAPv2/Data Collection Architecture Sub-Group - Fall Workshop Briefing.pdf -------------------------------------------------------------------------------- /docs/SCAPv2/SCAP v2 Data Collection Architecture 20200818.docx.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/SCAPv2/SCAP v2 Data Collection Architecture 20200818.docx.pdf -------------------------------------------------------------------------------- /docs/SCAPv2/SCAPv2 and OpenC2.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/SCAPv2/SCAPv2 and OpenC2.pdf -------------------------------------------------------------------------------- /docs/UseCases/Images/CollectSbomFromDevice.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/CollectSbomFromDevice.png -------------------------------------------------------------------------------- /docs/UseCases/Images/CollectSbomFromDevice2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/CollectSbomFromDevice2.png -------------------------------------------------------------------------------- /docs/UseCases/Images/CollectSbomFromUrl2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/CollectSbomFromUrl2.png -------------------------------------------------------------------------------- /docs/UseCases/Images/CollectSbomWithCommand.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/CollectSbomWithCommand.png -------------------------------------------------------------------------------- /docs/UseCases/Images/EnterprisePosture.drawio: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/EnterprisePosture.drawio -------------------------------------------------------------------------------- /docs/UseCases/Images/EnterprisePosture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/EnterprisePosture.png -------------------------------------------------------------------------------- /docs/UseCases/Images/ips-pcs-pes-usecase.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/ips-pcs-pes-usecase.png -------------------------------------------------------------------------------- /docs/UseCases/Images/retrieve_sbom_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/retrieve_sbom_01.png -------------------------------------------------------------------------------- /docs/UseCases/Images/retrieve_sbom_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/retrieve_sbom_02.png -------------------------------------------------------------------------------- /docs/UseCases/Images/retrieve_sbom_03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/retrieve_sbom_03.png -------------------------------------------------------------------------------- /docs/UseCases/Images/stix-pcs-pes-usecase.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Images/stix-pcs-pes-usecase.png -------------------------------------------------------------------------------- /docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IE01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IE01.png -------------------------------------------------------------------------------- /docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IIA01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IIA01.png -------------------------------------------------------------------------------- /docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IIID01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/IIID01.png -------------------------------------------------------------------------------- /docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/Pace_Sbom_Vex_Flags_Prioritization/README.md -------------------------------------------------------------------------------- /docs/UseCases/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/README.md -------------------------------------------------------------------------------- /docs/UseCases/collect_sbom_from_device.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/collect_sbom_from_device.md -------------------------------------------------------------------------------- /docs/UseCases/collect_sbom_from_url.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/collect_sbom_from_url.md -------------------------------------------------------------------------------- /docs/UseCases/collect_sbom_with_command.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/collect_sbom_with_command.md -------------------------------------------------------------------------------- /docs/UseCases/enterprise_security_posture.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/enterprise_security_posture.md -------------------------------------------------------------------------------- /docs/UseCases/ips-pcs-pes-usecase.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/ips-pcs-pes-usecase.md -------------------------------------------------------------------------------- /docs/UseCases/retrieve_sbom.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/retrieve_sbom.md -------------------------------------------------------------------------------- /docs/UseCases/stix-pcs-pes-usecase.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/UseCases/stix-pcs-pes-usecase.md -------------------------------------------------------------------------------- /docs/oval-samples/oval-sample-collection-only.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/oval-samples/oval-sample-collection-only.xml -------------------------------------------------------------------------------- /docs/oval-samples/oval-sample-full-policy.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/oval-samples/oval-sample-full-policy.xml -------------------------------------------------------------------------------- /docs/sacm-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/sacm-architecture.png -------------------------------------------------------------------------------- /docs/seq-linked-pcs-pes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/opencybersecurityalliance/PACE/HEAD/docs/seq-linked-pcs-pes.png --------------------------------------------------------------------------------