A group of cybersecurity companies this week announced the Open Cybersecurity Alliance (OCA), a joint effort focused on the development of open source security technologies.
Established with initial open source contribution from IBM Security and McAfee and formed under the OASIS (Organization for the Advancement of Structured Information Standards) international consortium, OCA brings together both organizations and individuals.
The focus of this new initiative is to come up with open source code to freely exchange information, insights, analytics, and orchestrated responses.
On average, organizations today use over 25 security tools from up to 10 vendors, and OCA aims to create the necessary protocols and standards to ensure these tools work together and share information between vendors.
Members of the alliance will work together to develop and promote open source common content, code, tooling, patterns, and practices that will ensure interoperability and data sharing. This should help enterprises improve security visibility, extract more value from existing products, reduce vendor lock-in, and connect data and share insights across products.
“The aim is to simplify the integration of security technologies across the threat lifecycle – from threat hunting and detection, to analytics, operations and response – so that products can work together out of the box,” OCA says.
Initial technology contributions to OCA include STIX-Shifter from IBM Security and OpenDXL Standard Ontology from McAfee. The former aims to create a universal, out-of-the box search capability for security products, while the latter focuses on creating an interoperable cybersecurity messaging format for the OpenDXL messaging bus.
Some of the companies to have already joined the alliance include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin.
However, the OCA welcomes all organizations and individual contributors, from all around the world.
Related: Sophos Makes Sandboxie Free in Transition to Open Source
Related: FireEye Releases Open Source Persistence Toolkit ‘SharPersist’
Related: Cruise Releases Automated Firmware Security Analyzer to Open Source
More from Ionut Arghire
- 500k Impacted by Data Breach at Debt Buyer NCB
- Chinese Cyberspies Use ‘Melofee’ Linux Malware for Stealthy Attacks
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
- New Wi-Fi Attack Allows Traffic Interception, Security Bypass
- Casino Giant Crown Resorts Investigating Ransomware Group’s Data Theft Claims
- Over 200 Organizations Targeted in Chinese Cyberespionage Campaign
- Nigerian BEC Scammer Sentenced to Prison in US
Latest News
- Anti-Bot Software Firm DataDome Banks $42M Financing
- Unpatched Security Flaws Expose Water Pump Controllers to Remote Hacker Attacks
- 500k Impacted by Data Breach at Debt Buyer NCB
- Chinese Cyberspies Use ‘Melofee’ Linux Malware for Stealthy Attacks
- Why Endpoint Resilience Matters
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- 3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component
- UK Introduces Mass Surveillance With Online Safety Bill
