Talk
Intermediate

Cyber Risk Modeling Language [CRML]

Review Pending

Session Description

I propose to present CRML

CRML is an open, declarative, engine-agnostic and Control / Attack framework–agnostic Cyber Risk Modeling Language. It provides a YAML/JSON format for describing cyber risk models, telemetry mappings, simulation pipelines, dependencies, and output requirements — without forcing you into a specific quantification method, simulation engine, or security-control / threat catalog.

CRML enables RaC (Risk as Code): risk and compliance assumptions become versioned, reviewable artifacts that can be validated and executed consistently across teams and tools.

https://github.com/Faux16/crml

Key Takeaways

  • Understanding the Cyber Risk Modeling Language

  • Able to write any cybersecurity data into CRML

  • Handling validation error in CRML

  • Running CRML engine to quantify cyber risks.

References

https://github.com/Faux16/crml

Session Categories

Contributing to FOSS
Tutorial about using a FOSS project

Speakers

Sanket Sarkar
Founder Zeron
https://www.linkedin.com/in/infosecsanket/
Sanket Sarkar

Reviews

0 %
Approvability
0
Approvals
0
Rejections
0
Not Sure
No reviews yet.