Edinburgh Napier University

  Organisations are facing an increasing number of cyber threats, which is making it evident that relying solely on security tools and technologies may fail to identify emerging threats, malware, and other indicators of compromise. As a result, organisations must remain vigilant in the face of ever-evolving cybercrime threats. In this context, the proposed solution will address this issue by facilitating the sharing of threat intelligence among trusted partners through a secure and reliable infrastructure and employing a unified threat language. Leveraging the Collaborative Automated Course of Action Operations (CACAO), this work will provide automated security playbook sharing, thereby enabling organisations to enhance their security posture, streamline their attack detection efforts, and reduce response times. The proposed work entails implementing trusted sharing through Hyperledger Fabric and a digital signature (Wallet), utilising the STIX 2.1 CACAO security playbooks. Through this approach, organisations can establish a collaborative and secure platform to share threat intelligence, enhance their situational awareness, and proactively address emerging cyber threats.