CyOTE OPTIC

CyOTE Operational Process for Trigger Identification and Comprehension (OPTIC)


The CyOTE™ OPTIC application serves as an intuitive compass for professionals navigating nuanced cyber anomalies. The application is poised to be an invaluable asset in discerning anomalous events and gauging when the amassed evidence necessitates escalation, either in the form of a strategic threat hunt or an immediate threat response. OPTIC has been engineered for standalone efficacy, but its true potential shines when leveraged across an entire organization. OPTIC cultivates a collaborative culture of cyber awareness by facilitating a shared comprehension of anomalous events across diverse business units. This application provides the user with a workflow that takes the organization's maturity into account, as defined by the Cybersecurity Capability Maturity Model (C2M2). OPTIC is equipped with a unique capability to discover similarities to historical cyber indicators of attack. This not only aids users in identifying potential threats in their infancy but also provides contextual references to MITRE ATT&CK® for ICS TTPs. The user will discover potential countermeasures aligned with the NIST Cybersecurity Framework and NIST Special Publication (SP) 800-82. CyOTE™ practitioners can embark on in-depth analysis missions, culminating in the generation of comprehensive reports ready for dissemination. (OSTI PID No. TBD)

Research and Development Technology Readiness Level

*As utilized by the Department of Energy Office of Technology Transfer