The Open Cybersecurity Alliance (OCA) is a new initiative being established by technology vendors and software publishers under the auspices of the OASIS information technology standards consortium. Its aim is to develop open code, standards and tools that can connect technology products across the security ecosystem in order to foster data sharing across the threat lifecycle to enable more effective, real time information security intelligence that can better inform activities that include threat detection and hunting, analysis and incident response.
Initially, the content and code submitted has been supplied by IBM Security and McAfee. There are a further 16 vendors contributing as founder members and further participation is welcomed.
Why now?
There are many forces driving the need for greater automation of security controls. These include the need to control costs by automating manually intensive yet routine tasks that provide little added value, which is an ever-growing imperative owing to the widespread shortage of skilled security professionals. Without some level of automation, the speed and scale that organisations would like to achieve in business operations is almost impossible to achieve. However, many are embarking on more extensive automation programmes. Recent research by Enterprise Management Associates shows that, whilst 52% of organisations are planning for automation initiatives or are in the early stages of implementation, 45% are advanced in their automation initiatives. Just 4% have no plans to automate processes.
This push towards automation has led to an explosion in the number of point security products deployed by organisations, designed to solve a particular issue. As a result, even though many are trying to consolidate the number of vendors that they deal with, many security executives report that they are still overwhelmed by the number of vendors and products that they must manage.
But it is not just the executives who are feeling the pain. Staff in security operations centres report alert fatigue – dealing with an excessive number of alerts from disparate vendors. According to the most recent Cisco CISO benchmark survey, almost four-fifths of respondents stated that managing alerts from multiple vendors is challenging. The more vendors that they use, the greater the challenge becomes. As a result, they can only respond to half of the alerts that they receive, resulting in problems being fixed in just 43% of cases. Even more frustrating, only an average of 24% of alerts seen are reported as being legitimate. Anything that could help to sort out this problem would be welcome.
Automation can do much to help, with 77% of respondents to a recent survey by AIIM reporting improved alert monitoring and prioritisation and 71% seeing reduced response times when incidents occur. Yet, just 55% report elimination of alert fatigue and only half state that automation results in better prioritisation of security operation activities.
One of the main problems that remains is the lack of integration among tools aimed at automating security processes. Although the situation is improving, the SANS Institute reports that almost half of organisations find their efforts to benefit from greater automation are hampered by having implemented too many tools that are not integrated. This means that, whilst the number of alerts that must be dealt with can be reduced, there is a lack of correlation among alerts being thrown up by different tools, hindering the ability to delve into contextual information related to how an incident occurred, what systems are impacted and the extent of the potential overall damage. Without integration among tools, organisations are often not able to realise the value of the technology that they have deployed.
Many vendors have taken steps to address problems with lack of integration among tools in an effort to provide their customers with greater resilience to security threats. Vendors now routinely offer application programming interfaces (APIs) to connect products more easily than the traditional method of writing custom interfaces.
Another important initiative is the development of platforms that contain multiple technology capabilities coupled together. An example of this is the development of security intelligence platforms, generally built on the basis of a security information and event management (SIEM) system. Among the tools being added to these platforms are security orchestration, automation and response (SOAR), user and entity behavioural analytics (UEBA), endpoint detection and response (EDR) and network analytics tools. Such tools help organisations in their quest for automation, aiding in their detection and response efforts by looking at contextual information from events seen in order to understand patterns of activity.
Platforms such as these ingest information from a wide range of sources that include not only the tools mentioned, but also a wide range of other sources. Some of those sources will be tightly integrated into the platform, whilst others that could potentially include physical security systems and human resources applications may require the building of one-off integrations.
Goals of the OCA
The establishment of the OCA is built on the realisation that security tools need to speak a common language so that interoperability can be achieved at the communication and data levels. According to IBM Security, the goal of the OCA is to enhance interoperability and collaboration around various different standards, tools, procedures and open source libraries. Through this, organisations will be able to create a more sustainable approach to addressing the increasing volume and sophistication of security threats by being better able to identify, drill into and prioritise remediation more effectively.
The following are the initial contributions to the OCA made by founder members:
- STIX Shifter – developed by IBM Security, STIX Shifter is an open source library of information regarding potential threats that will enable organisations to translate information into a more easily digestible format and that will help create a standardised cybersecurity data model. It can ingest threat information from diverse data sources and then convert them into a common STIX 2 Observations format, getting away from the time-consuming task of cleansing and normalising disparate data feeds before they are usable.
- OpenDXL – developed by McAfee, Open DXL is a foundational transport layer for communicating and sharing security information among technology tools to better enable real time and more accurate security decisions to be made and actions to be taken.
- OpenC2 – now incorporated into OASIS, OpenC2 is an effort to develop an open standards-driven language based on nouns and verbs needed to encode human intent and decisions in machine-readable format to denote the courses of action to be taken by an orchestrator of security response.
Open source is an essential element of the work being done under the auspices of the OCA in order to overcome the challenges presented by the fast paced and constant innovation being seen in technology today. A community that is based on collaboration and a shared approach represents the best way of addressing the future needs of organisations for achieving integration and interoperability and for benefiting from the rapid introduction of new and innovative technologies. It will enable organisations to treat automation, cybersecurity and risk as a business process, not an IT project.
To summarise the benefits that will be offered by the establishment of the OCA, Jason Keirstead, chief architect at IBM Security Threat Management, states: “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted use of standards and code.” The more members that join and the wider its work is disseminated, the greater the benefits will be for all.
The first step toward greatness is to be honest.
The post of honour is the post of danger.
Today, I went to the beach with my kids. I found a sea shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She put the shell to her ear and screamed. There was a hermit crab inside and it pinched her ear. She never wants to go back! LoL I know this is entirely off topic but I had to tell someone!
When I originally commented I clicked the -Notify me when new comments are added- checkbox and now each time a comment is added I get four emails with the same comment. Is there any way you can remove me from that service? Thanks!
A person necessarily assist to make significantly articles I’d state. This is the first time I frequented your website page and thus far? I surprised with the analysis you made to create this actual put up extraordinary. Magnificent task!
This is my first time pay a visit at here and i am really impressed to read all at single place.
Simply want to say your article is as amazing. The clarity in your post is
simply spectacular and i could assume you’re an expert on this subject.
Fine with your permission let me to grab your RSS feed to keep up to date
with forthcoming post. Thanks a million and please continue the rewarding work.
Whats up this is somewhat of off topic but I was wondering if blogs use WYSIWYG editors or
if you have to manually code with HTML. I’m
starting a blog soon but have no coding experience so I wanted to get guidance
from someone with experience. Any help would be enormously appreciated!
hey there and thank you for your information ? I have definitely
picked up something new from right here. I did however expertise several technical issues using this site, as I experienced
to reload the site a lot of times previous to I could get it to load properly.
I had been wondering if your web hosting is OK?
Not that I’m complaining, but sluggish loading instances times will sometimes affect your placement in google and could
damage your high quality score if ads and marketing with Adwords.
Well I am adding this RSS to my email and can look
out for much more of your respective exciting content.
Ensure that you update this again soon.
my site … Tetra Male Enhancement (Ramonita)
I every time emailed this weblog post page to all my friends, as if like to read it next my
friends will too.
Excellent pieces. Keep posting such kind of info on your page.
Im really impressed by it.[X-N-E-W-L-I-N-S-P-I-N-X]Hey there, You have
done a fantastic job. I will definitely digg it and personally suggest
to my friends. I’m confident they will be
benefited from this site.
Check out my web page: Wawza Apple Cider Vinegar Reviews (Chet)
I’m really enjoying the design and layout of your website.
It’s a very easy on the eyes which makes it much more pleasant for me to come here and visit more
often. Did you hire out a designer to create your theme?
Fantastic work!
Great post, you have pointed out some great details, I
as well believe this is a very superb website.
Here is my webpage: Vialis Male Enhancement Pills
Hi, i read your blog from time to time and i own a similar one and i was just curious
if you get a lot of spam remarks? If so how do you prevent it,
any plugin or anything you can recommend? I get so much lately it’s driving me mad so any support is
very much appreciated.
Here is my blog; Niva CBD Gummies Reviews
Excellent post. I definitely love this website.
Keep writing!
Wow, this post is nice, my younger sister is analyzing such things,
therefore I am going to convey her.
My web page – http://forum.adm-tolka.ru
Right here is the right webpage for everyone who really wants to find out about this topic.
You understand a whole lot its almost tough
to argue with you (not that I really would want to?HaHa). You definitely put a
fresh spin on a subject that has been discussed for ages.
Excellent stuff, just great!
My homepage: Vigor Max Male Enhancement
At this momеnt I am going to do my breɑkfast, later than havingg my breakfast coming again to read other news.
Also vvisit my page … kunjungi situs
It’s actually a cool and useful piece of info.
I’m happy that you simply shared this helpful information with
us. Please keep us informed like this. Thanks for sharing.
Feel free to surf to my site – Wawza Apple Cider Vinegar [foroagua.com]
Thank you for your whole labor on this site. My mom takes pleasure
in conducting internet research and it’s really obvious why.
A lot of people notice all concerning the powerful ways you offer priceless tricks through this web blog and
as well encourage contribution from the others on that content while
our favorite child is actually discovering a whole lot.
Enjoy the rest of the new year. You are doing a terrific job.
Feel free to surf to my web site :: Infinuity CBD Gummies
Pretty! This has been an extremely wonderful post. Thanks for providing this information.
You made some good points there. I checked on the internet for more information about the issue and found most individuals will go along with
your views on this website.
I would like to thank you for the efforts you’ve put in penning this site.
I am hoping to view the same high-grade blog posts by you in the future as well.
In fact, your creative writing abilities has encouraged me to get my own, personal site now 😉
Hi to every one, the contents present at this web site are really amazing for
people knowledge, well, keep up the nice work fellows.
Here is my web page – Optimum Keto
It’s perfect time to make some plans for the future and it is time to
be happy. I’ve read this post and if I could I desire to suggest you some interesting
things or suggestions. Perhaps you can write next articles referring to
this article. I want to read more things about it!
Appreciating the persistence you put into your website and in depth information you provide.
It’s great to come across a blog every once in a while that isn’t the same unwanted rehashed material.
Excellent read! I’ve saved your site and I’m adding your RSS feeds
to my Google account.
Pretty section of content. I just stumbled upon your
weblog and in accession capital to assert that I get actually enjoyed account your blog posts.
Any way I will be subscribing to your feeds and even I achievement you
access consistently quickly.
If some one wants to be updated with most recent technologies after that he
must be pay a quick visit this website and be up to date everyday.
Feel free to surf to my page Cogni360 Reviews
I always was concerned in this subject and stock still am, regards for posting.
Have a look at my page PureKana CBD
This is my first time visit at here and i am actually happy to read
all at alone place.
I was pretty pleased to uncover this website.
I wanted to thank you for ones time for this fantastic read!!
I definitely enjoyed every little bit of it and i also have you saved as a favorite
to look at new stuff in your blog.
Hello my friend! I want to say that this post is amazing, nice written and
come with approximately all vital infos. I would like to see
more posts like this.
Also visit my blog post … http://www.comptine.biz
Hey there, You have done an incredible job. I’ll definitely
digg it and personally recommend to my friends.
I am confident they will be benefited from this site.
Excellent article. Keep posting such kind of information on your
site. Im really impressed by it.
Hi there, You’ve done an incredible job. I will definitely digg
it and individually recommend to my friends.
I’m sure they’ll be benefited from this site.
Fantastic beat ! I would like to apprentice whilst you amend your web site,
how could i subscribe for a blog site? The account aided me a appropriate deal.
I had been tiny bit acquainted of this your broadcast
offered brilliant clear idea
Hi, just wanted to say, I liked this post. It was practical.
Keep on posting! quest bars http://bit.ly/3jZgEA2 quest bars
I’m truly enjoying the design and layout of your blog. It’s a very easy on the eyes which makes it much more
pleasant for me to come here and visit more often. Did you hire out a designer to create your theme?
Fantastic work!
Also visit my blog Imarais Beauty
I just like the helpful info you provide for your articles.
I will bookmark your blog and take a look at again here regularly.
I am moderately certain I will be told lots of new stuff right here!
Best of luck for the following!
Feel free to surf to my webpage: Clean Cut Keto Review
Hi, just wanted to say, I enjoyed this article.
It was practical. Keep on posting! cheap flights http://1704milesapart.tumblr.com/ cheap flights
Oh my goodness! Amazing article dude! Thank you, However I am
experiencing troubles with your RSS. I don’t understand the reason why I cannot subscribe to it.
Is there anyone else having the same RSS problems? Anyone that knows
the answer can you kindly respond? Thanks!!
scoliosis surgery https://0401mm.tumblr.com/ scoliosis surgery
There’s definately a great deal to know about this subject.
I really like all the points you made. asmr https://app.gumroad.com/asmr2021/p/best-asmr-online asmr
I really like your writing style, great info, regards for
putting up :D.
Have a look at my webpage; Salina
This post is priceless. How can I find out more? scoliosis surgery https://coub.com/stories/962966-scoliosis-surgery scoliosis surgery
It’s enormous that you are getting ideas from this paragraph as well as from our dialogue made at
this place. ps4 games https://bitly.com/3nkdKIi ps4 games
Really when someone doesn’t be aware of after that its up to other visitors that they will
help, so here it takes place. quest bars https://www.iherb.com/search?kw=quest%20bars quest bars
Awesome! Its truly remarkable paragraph, I have got much clear idea regarding from this piece of writing.
Also visit my blog post :: Libido Build Rx
I dugg some of you post as I cogitated they were very useful very useful.
Feel free to visit my homepage: Nature Leaf CBD Gummies Reviews
I absolutely love your blog and find most of your post’s to
be just what I’m looking for. Do you offer guest writers to write
content for you personally? I wouldn’t mind writing a post or elaborating
on a number of the subjects you write concerning
here. Again, awesome website!
My website :: Ultra Quick Keto Cleanse
I used to be able to find good info from your blog articles.
my blog post: Nucentix Keto X3
Greetings from Colorado! I’m bored to tears at
work so I decided to browse your site on my iphone during lunch break.
I enjoy the information you provide here and can’t wait to take a look when I get home.
I’m shocked at how fast your blog loaded on my cell phone ..
I’m not even using WIFI, just 3G .. Anyhow,
wonderful blog!
Feel free to surf to my website: Keto Rapid Trim Reviews
Great post, you have pointed out some wonderful points, I also believe this s a very great website.
Would you be excited about exchanging hyperlinks?
Good blog post. I definitely love this site. Continue the good work!
I think this is among the most significant information for me.
And i am glad reading your article. But should remark on few general things, The
site style is perfect, the articles is really excellent : D.
Good job, cheers
I am not rattling great with English but I find this real leisurely to translate.
Many talk like philosophers yet live like fools.
I am so happy to read this. This is the kind of manual that needs to be given and not the accidental misinformation that’s at the other blogs. Appreciate your sharing this greatest doc.
Hello my friend! I want to say that this article is amazing, great written and include almost all significant infos. I would like to look more posts like this.
Thank you for sharing superb informations. Your site is very cool. I’m impressed by the details that you have on this site. It reveals how nicely you perceive this subject. Bookmarked this website page, will come back for extra articles. You, my pal, ROCK! I found simply the information I already searched all over the place and simply couldn’t come across. What a great web site.
he blog was how do i say it… relevant, finally something that helped me. Thanks
I want to to thank you for this wonderful read!! I definitely enjoyed every little bit of it.
I have you book marked to look at new things you post…
I believe this site holds very excellent composed subject material articles.
I was looking at some of your blog posts on this site and I think this site is very instructive! Keep on posting.
I wanted to thank you for this great read!! I definitely enjoying every little bit of it I have you bookmarked to check out new stuff you post…
Its superb as your other content : D, thanks for putting up. “Music is the soul of language.” by Max Heindel.
Hello there! This post couldn’t be written much better!
Going through this post reminds me of my previous roommate!
He continually kept preaching about this. I most certainly will
forward this post to him. Fairly certain he’s going to
have a very good read. Thanks for sharing!
You really make it appear really easy together with your presentation however I find this matter to be really one thing which I feel I would
never understand. It seems too complicated
and very large for me. I’m taking a look ahead to your next put up, I will
try to get the cling of it!
I love it when people come together and share views.
Great website, keep it up!
hi!,I like your writing very a lot! share we keep up a
correspondence extra about your article on AOL? I require an expert
in this area to solve my problem. May be that’s
you! Having a look ahead to look you.
Keep this going please, great job!
Hey There. I found your weblog the use of msn. This is an extremely well written article.
I’ll make sure to bookmark it and return to learn extra of
your useful information. Thank you for the post.
I will definitely return.
Amazing! This blog looks just like my old one! It’s on a entirely different topic but
it has pretty much the same page layout and design. Wonderful choice of colors!
My programmer is trying to persuade me to move
to .net from PHP. I have always disliked the idea because of the expenses.
But he’s tryiong none the less. I’ve been using Movable-type on a
variety of websites for about a year and am nervous about switching to
another platform. I have heard very good things about blogengine.net.
Is there a way I can transfer all my wordpress content into it?
Any kind of help would be really appreciated!
What’s up all, here every one is sharing these kinds of familiarity, thus it’s pleasant to read this blog, and I used to pay a visit this weblog daily.
certainly like your website but you need to take a look at the spelling on several of your posts.
Many of them are rife with spelling problems and I to find it very troublesome to inform
the reality nevertheless I’ll certainly come back again.
Admiring the dedication you put into your site and in depth information you provide.
It’s great to come across a blog every once in a while that isn’t the same unwanted rehashed material.
Fantastic read! I’ve saved your site and I’m including your RSS feeds to my Google account.
I’m really enjoying the design and layout of your website.
It’s a very easy on the eyes which makes it much more enjoyable for me to come
here and visit more often. Did you hire out a designer to create your theme?
Great work!
Ahaa, its pleasant discussion concerning this piece of writing here at this webpage,
I have read all that, so now me also commenting here.
I must thank you for the efforts you have put in penning this
site. I am hoping to view the same high-grade content by you in the future as well.
In truth, your creative writing abilities has motivated me
to get my own blog now 😉
Amazing issues here. I am very happy to peer your article.
Thank you a lot and I’m looking forward to touch you. Will you kindly drop me a mail?
Hey there! Do you know if they make any plugins to help with
Search Engine Optimization? I’m trying to get my blog to rank for
some targeted keywords but I’m not seeing very good
gains. If you know of any please share. Kudos!
My spouse and I absolutely love your blog and find most of your post’s to be exactly I’m looking for.
Would you offer guest writers to write content in your case?
I wouldn’t mind producing a post or elaborating on most of the subjects you write
in relation to here. Again, awesome site!