A group of key cybersecurity companies has allied to form a new open-source consortium to share key data.
The announcement by a group of cybersecurity companies—including Splunk, Amazon Web Services, Cloudflare, CrowdStrike, Palo Alto Networks, Okta, Trend Micro, Tanium and Zscaler, among others—revealed the launch of a new consortium called the Open Cybersecurity Schema Framework (OCSF).
The cunning plan is to share a vendor-agnostic way of normalising product data in order to improve cybersecurity. All members of the cybersecurity community are invited to use and contribute to the OCSF.
In the companies’ joint press release, the OCSF is referred to as an “open standard that can be adopted in any environment, application or solution provider and fits with existing security standards and processes”.
The initiative is described as a continuation of Paul Agbabian’s Integrated Cyber Defense (ICD) Schema work done at Symantec, a division of Broadcom. Agbabian is now a top executive at Splunk.
“Detecting and stopping today’s cyberattacks requires coordination across cybersecurity tools, but unfortunately normalising data from multiple sources requires significant time and resources”, the group stated in its joint press release.
“The OCSF is an open-source effort aimed at delivering a simplified and vendor-agnostic taxonomy to help all security teams realise better, faster data ingestion and analysis without the time-consuming, up-front normalisation tasks.”
Other outfits involved in the founding of the OCSF include DTEX, IBM Security, IronNet, JupiterOne, Rapid7, Salesforce, Securonix and Sumo Logic.
IBM Fellow, vice president and CTO at IBM Security Sridhar Muppidi said: “IBM Security is a long-standing supporter of open-source and open standards, and believes that common data formats like the OCSF will help improve interoperability among many different cybersecurity products.”