Security Giants formulate open-source consortiums to share key data

A number of prominent cybersecurity firms announced the launch of a new open-source collaboration on Wednesday, kicking off Black Hat USA 2022 in style.

The launch of a new open source project known as the Open Cybersecurity Schema Framework (OCSF) was announced by a group consisting of tech giants like Amazon Web Services, Salesforce, and IBM, as well as cybersecurity vendors like Splunk, Cloudflare, CrowdStrike, Palo Alto Networks, Okta, Trend Micro, Tanium and Zscaler, among others (OCSF).

A greater exchange of product-normalising data is desired to enhance cybersecurity generally. Everyone involved in cybersecurity is welcome to use and contribute to the OCSF.

The OCSF is described as an "open standard that can be adopted in any environment, application, or solution provider and fits with existing security standards and processes" in the firms' joint news announcement.

The OCSF is an open-source initiative to provide a streamlined and vendor-neutral taxonomy to aid all security teams in better, quicker data input and analysis.

Paul Agbabian, a senior executive at Splunk, revealed that the Integrated Cyber Defence (ICD) Schema work at Symantec, will be continued.

In a joint press release, the group said that "detection and halting today's intrusions involve collaboration across cybersecurity instruments, but sadly standardising data from numerous sources requires substantial effort and resources".

To strengthen cybersecurity for everyone, experts from participating organisations said it was urgent to start exchanging crucial data.

According to Patrick Coughlin, the group vice president of the security market at Splunk, "security leaders are grappling with integration gaps across an expanding set of application, service, and infrastructure providers, and they need clean, normalised, and prioritised data to detect and respond to threats at scale." "The industry needed to get together to fix this issue,"

According to Mark Ryland, director of the office of the CISO at AWS, "having a comprehensive view of security-related data across technologies is crucial for customers to efficiently detect, analyze, and remediate security threats."

Customers tell us that their security teams are spending too much time and effort standardising data across various technologies instead of being able to concentrate on assessing and addressing risks, Ryland continued.

DTEX, IBM Security, IronNet, JupiterOne, Rapid7, Salesforce, Securonix, and Sumo Logic, among other firms, were involved in the launch of a new OCSF.

According to Sridhar Muppidi, IBM Fellow, vice president, and CTO at IBM Security, "Cybersecurity is one of the most important concerns of the 21st century, and no single institution, agency, or vendor can handle it alone. IBM Security has long backed open-source software and open standards, and we think that common data formats like the OCSF will enhance interoperability between many different cybersecurity systems."