It’s long been known that security is not a problem that companies, even large corporations, can solve on their own. It takes a community working together to battle the kinds of problems that companies are facing today when it comes to cybersecurity.
This morning at the Black Hat USA conference in Las Vegas; AWS, Splunk and Symantec (which is now part of Broadcom) announced a new open source cybersecurity project called the Open Cybersecurity Schema Framework (OCSF) project.
The idea behind the project, according to Mark Ryland, director of the office of the CISO at AWS, one of the lead companies involved in the project, is to provide a common way for different security tools to share data.
“The reason for the project was we got more and more customer input and signal that they were using plenty of security tools — there would never be one security tool to rule all them all — but at the same time, it was difficult to wrangle the data and make tools talk to one another to create common pools of data, to do the logical equivalent of a join operation across a tool,” Ryland told TechCrunch.
He said the group came together throughout this year because all were hearing a similar story from customers. “So the strong signal I think, from customers, and you can see from the list of vendors who are involved in this, they were getting the same signal. Customers wanted a way to make the data more interoperable and make it easier for tools to talk to one another. So that that was I think the the core reason for the working group [coming together],” he said.
The three lead contributors are joined by a who’s who of 15 additional companies including Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro and Zscaler.
Symantec had begun building something, and it was the basis for the discussion to build what became this project, according to Ryland. By open sourcing the project, he says the group believes it can better address company and the customer requirements over time.
“By putting the standard and some supporting tools on GitHub, now we have an open environment for commenting, pull requests and suggestions. So we can get input across the industry. And we certainly have other companies that have expressed interest in in joining the core working group,” he said.
The framework is available for download starting today on GitHub.