The cybersecurity threat landscape is a rapidly evolving one. As a result, there has been a virtual explosion of security products and attendant data. Organizations are subsequently saddled with the complex task of extracting real value from an ever-growing pile of data. To help organizations address this challenge, industry pioneers came together to foster the interoperability of security products based on open standards.
Consider this scenario. Vendors in an organization’s security infrastructure bring proprietary tooling and protocols. Consequently, organizations have no way to make sense of the important and ever-growing data because of the lack of interoperability. The Open Cybersecurity Alliance (OCA) was formed in October 2019 to address this problem.
The stated purpose of the OCA is to develop and promote sets of open-source common content, code, tooling, patterns and practices to maximize interoperability and the sharing of data among cybersecurity tools. The aim is to simplify the integration of security technologies across the threat life cycle — from threat hunting and detection to analytics, operations and response — so that products can work together out of the box.
In the last few months since its launch, the OCA has made significant progress. It recently made available the OpenDXL Ontology, which is the first open-source language for connecting cybersecurity tools through a common messaging framework. Moreover, the OpenDXL Ontology eliminates the need for custom integrations between individual products, which would, in turn, drive greater interoperability across the security industry.
Further, the OCA, which has 25 member organizations, has brought two major interoperability projects into the open-source realm, thereby giving impetus to industry collaboration on open standards. OpenDXL Ontology (contributed by McAfee) and STIX Shifter (contributed by IBM Security) are now available for cross-industry collaboration and development on GitHub.
Another recent development has been the formation of a Technical Steering Committee (TSC) to drive the technical direction and development of the OCA. Going by one of the first initiatives, the formalization of acceptance criteria for all new project contributions, the formation of the TSC is a significant step in creating an ecosystem for future projects.
The complete details of these developments can be found in a recent press release issued by the OCA and this blog by Jason Keirstead, a member of the OCA Project Governing Board.
Click here to read the original article published by Security Intelligence.