Cybersecurity leaders launch open source project

15 companies including Splunk, AWS and Broadcom have collaborated to integrate security tools and resources and break down data silos.

A coalition of cybersecurity and technology leaders has announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema Framework (OCSF) project will help organisations detect, investigate and stop cyberattacks faster and more effectively.

The OCSF project was conceived and initiated by Amazon Web Services (AWS) and Splunk, building upon the ICD Schema work done at Symantec, a division of Broadcom. The OCSF includes contributions from 15 additional initial members, including CloudflareCrowdStrikeDTEXIBM SecurityIronNetJupiterOneOktaPalo Alto NetworksRapid7SalesforceSecuronixSumo LogicTaniumTrend Micro, and Zscaler. Starting today, all members of the cybersecurity community are invited to utilize and contribute to the OCSF.

Detecting and stopping today’s cyberattacks requires coordination across cybersecurity tools, but unfortunately normalizing data from multiple sources requires significant time and resources. The OCSF is an open-source effort aimed at delivering a simplified and vendor-agnostic taxonomy to help all security teams realise better, faster data ingestion and analysis without the time-consuming, up-front normalisation tasks.

The OCSF is an open standard that can be adopted in any environment, application, or solution provider and fits with existing security standards and processes. As cybersecurity solution providers incorporate OCSF standards into their products, security data normalization will become simpler and less burdensome for security teams. OCSF adoption will enable security teams to increase focus on analyzing data, identifying threats and defending their organisations from cyberattacks.

Patrick Coughlin, Group Vice President Security Market, Splunk says: “Security leaders are wrestling with integration gaps across an expanding set of application, service and infrastructure providers, and they need clean, normalized and prioritized data to detect and respond to threats at scale.

“This is a problem that the industry needed to come together to solve. That’s why Splunk is a proud member of the OCSF community — security is a data problem and we want to help create open standard solutions for all producers and consumers of security data.”

“Symantec and Broadcom Software are proud to have contributed our ICD schema as the foundation for the OCSF project. This is another proof-point of how we support open standards across the security industry," says Rob Greer, GM, Symantec Enterprise Division at Broadcom. “The OCSF community will streamline Security Operations for the many thousands of organisations that rely on telemetry from a wide range of sources to power their cybersecurity investigations.”

Mark Ryland, Director, Office of the CISO, AWS adds: “Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues. Customers tell us that their security teams are spending too much time and energy normalising data across different tools rather than being able to focus on analyzing and responding to risks.

"By increasing interoperability between tools, the OCSF aims to greatly accelerate our customers’ ability to understand and respond to cybersecurity concerns. Security is our top priority at AWS, and we are excited to work with the OCSF community to drive industry standards that make it easier for customers to operate more securely.”



Featured Articles

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Head of Industry Solutions at Illumio, Raghu Nandakumara, offers insight into the proposed ban on ransom payments and how businesses can utilise Zero Trust

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI

Gartner report highlights threat of supply chain attacks

Cyber Security