An open source initiative to eliminate the data silos that hinder security teams was announced by a consortium of technology and cybersecurity leaders. The Open Cybersecurity Schema Framework (OCSF) project, unveiled today at Black Hat USA 2022, will help enterprises detect, investigate, and respond to cyberattacks more quickly and efficiently.
The OCSF project was conceptualised and launched by AWS and Splunk, building on the ICD Schema work completed at Symantec, a division of Broadcom. 15 additional founding members have contributed to the OCSF, including Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Securonix, Sumo Logic, Tanium, Trend Micro, and Zscaler. The OCSF is now open for all members of the cybersecurity community to use and contribute to.
Identifying and thwarting today’s attacks requires coordination among cybersecurity systems, but standardising data from many sources takes a lot of time and money. The open source OCSF provides a simplified, vendor-neutral taxonomy that lets all security teams ingest and analyse data better and more quickly, without time-consuming, upfront normalisation work.
The OCSF is an open standard that can be adopted in any environment or application and by any solution provider, and it is compatible with current security standards and procedures. As cybersecurity solution providers build OCSF standards into their solutions, security data normalisation will become easier and less burdensome for security teams. Adopting OCSF will allow security teams to concentrate more on data analysis, threat detection, and protecting their enterprises from intrusions.