An industry initiative to allow data sharing and interoperability in the cybersecurity sector has won the support of 18 vendors.
The Open Cybersecurity Alliance (OCA), created by international consortium OASIS, will unite end users and organizations in an open cybersecurity ecosystem where products can share information, insights, orchestrated responses, and analytics.
The OCA will strive to increase the cybersecurity value of existing products and discover new security insights by supporting commonly developed code and tooling and encouraging practices for interoperability and sharing data among cybersecurity tools.
A key aim of the OCA will be to make it easier for different cybersecurity technologies to work together across the entire lifecycle of a threat.
In a statement issued earlier today, the OCA wrote: "According to industry analyst firm, Enterprise Strategy Group, organizations use 25 to 49 different security tools from up to 10 vendors on average, each of which generates siloed data.
"Connecting these tools and data requires complex integrations, taking away from time that could be spent hunting and responding to threats. To accelerate and optimize security for enterprise users, the OCA will develop protocols and standards which enable tools to work together and share information across vendors."
The alliance was spearheaded by IBM Security and McAfee and quickly attracted the support of Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin.
At OCA's heart will be two technologies developed by its founding members. The first is McAfee's cybersecurity messaging format OpenDXL Standard Ontology. The second is STIX-Shifter, a search capability for all types of security products based on an IBM open source library. This useful tool can identify information in data repositories that relates to potential threats, pop it into a usable format, and share it with any enabled security tool.
"Attackers maximize damage by sharing data with one another. Our best defense strategy is to share data too," said D.J. Long, vice president of business development at McAfee.
"Organizations will be able to seamlessly exchange data between products and tools from any provider that adopts the OCA project deliverables. We’re looking at the potential for unprecedented real-time security intelligence."