March 5, 2020 By Anshul Garg 3 min read

Over the years, organizations have added countless point products for individual use cases. This has made the integration of these cybersecurity products an increasingly daunting challenge for organizations. Effective security architecture requires products to work together to share telemetry data, identify and remediate vulnerabilities, meet compliance demands and more.

Unfortunately, this is not happening — in fact, security complexity is now the biggest challenge for organizations, according to Forrester Research. As a result, security analysts are spending time on integrations, which can lead to them missing critical vulnerabilities.

How the Open Cybersecurity Alliance Helps With Security Complexity

To help clients address this problem, industry pioneers came together to foster the interoperability of security products based on open standards. Thus, the Open Cybersecurity Alliance (OCA) was formed in October 2019.

The purpose of the OCA is to develop and promote sets of open-source common content, code, tooling, patterns and practices to maximize interoperability and the sharing of data among cybersecurity tools. The aim is to simplify the integration of security technologies across the threat life cycle — from threat hunting and detection to analytics, operations and response — so that products can work together out of the box.

For enterprise users, this means:

  • Improving security visibility and the ability to discover new insights that might otherwise go unseen
  • Extracting more value from existing products and reducing vendor lock-in
  • Connecting data and sharing insights across products

OCA founders IBM Security and McAfee were joined in the initiative by Advanced Cyber Security Corp, Corsa, CyberArk, Cybereason, DFLabs, EclecticIQ, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient and Tufin.

Image: Open Cybersecurity Alliance launch in October 2019

Recent Developments From the Open Cybersecurity Alliance

Since launching, the Open Cybersecurity Alliance has been working diligently and has made strong progress on its mission in the last few months. Some recent developments include:

  • Availability of OpenDXL Ontology OpenDXL Ontology, the first open-source language for connecting cybersecurity tools through a common messaging framework, is now available. With open-source code freely available to the security community, OpenDXL Ontology enables any tool to automatically gain the ability to communicate and interoperate with all other technologies using this language. By eliminating the need for custom integrations between individual products, this release marks a major milestone in the OCA’s mission to drive greater interoperability across the security industry.
  • Industry collaboration on open standards — Governed under the auspices of OASIS, the OCA now includes more than 25 member organizations and has brought two major interoperability projects into the open-source realm, with OpenDXL Ontology (contributed by McAfee) and STIX Shifter (contributed by IBM Security) now available for cross-industry collaboration and development on GitHub. New members that have joined since the launch include Armis, Center for Internet Security, Cyber NB, Cydarm, Gigamon, Raytheon, Recorded Future, sFractal Consulting and Tripwire.
  • An ecosystem for future projects — The OCA has announced the formation of its Technical Steering Committee, including leaders from AT&T, IBM Security, McAfee, Packet Clearing House and Tripwire, who will drive the technical direction and development of the organization.

Complete details of these developments can be found in a recent press release issued by the OCA and this blog by Jason Keirstead, a member of the OCA Project Governing Board.

Why Open Security Is the Way Forward

Consider the scenario in which each of the vendors in an organization’s security infrastructure brings its own proprietary tooling and protocols. There would be no way to make sense of the important and ever-growing data available. The adoption of open source and open tooling facilitates the objectives of security teams and allows them to better respond to shifts in the cybersecurity landscape. Security expert Kelly Brazil has an interesting perspective on this, even comparing the work being done by the OCA to choreography.

As a co-leader of the Marketing Group of the OCA, I could not be more excited about the progress that we have made, and I’m optimistic about what the future holds. One of the key reasons for the success of this group is the adoption of open source. Since the OCA is formed under the auspices of OASIS, has involvement from pioneers of the security industry and has shown great progress in the last few months, we can safely say that the OCA is on the path of its mission to “integrate once, reuse everywhere.”

More from

What’s behind unchecked CVE proliferation, and what to do about it

4 min read - The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations' cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified.Meanwhile, Coalition's 2024 Cyber Threat Index forecasts that the total number of CVEs for 2024 will hit 34,888—a 25% increase compared to the previous year. This upward trend presents a significant challenge for organizations trying to manage vulnerabilities and mitigate potential exploits.What’s behind…

Quishing: A growing threat hiding in plain sight

4 min read - Our mobile devices go everywhere we go, and we can use them for almost anything. For businesses, the accessibility of mobile devices has also made it easier to create more interactive ways to introduce new products and services while improving user experiences across different industries. Quick-response (QR) codes are a good example of this in action and help mobile devices quickly navigate to web pages or install new software by simply scanning an image.However, legitimate organizations aren’t the only ones…

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

4 min read - The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster security defenses, cyber professionals now face a pivotal question: What new skills do I need to stay relevant?October is Cybersecurity Awareness Month, which makes it the perfect time to address this pressing issue. With AI transforming threat detection, prevention and response, what better moment to explore the essential skills professionals might require?Whether you're…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today