Several large technology companies in the world have come together to improve the tracking of cyber attacks. To do this, they have created a new standard for online intelligence sharing: the Open Cybersecurity Schema Framework (OCSF). According to Techradar Pro, it is supported by tech giants like AWS, Splunk, and IBM’s cybersecurity division, as well as thirteen other big tech companies: CrowdStrike, Rapid7, Palo Alto Networks, Cloudflare, DTEX systems, IronNet , JupiterOne, Okta, Salesforce, Securonix, Sumo Logic, Tanium, Xscales and Trend micro.
This standard, announced during the BlackHat conference, which is held in the United States, will allow, when it is operational, to standardize the notifications that arrive from different cybersecurity monitoring points. In this way, companies will be able to interpret information about what can, or will, happen in terms of cyber attacks, more quickly.
As things stand today, IT teams are forced to work with multiple dashboards for different types of events, such as connecting to an account. Sometimes they also have to write additional code, or reformat data to get information from one dashboard to appear properly in another. This will end when new open standards are established and adopted. Then, with a single panel, and unified messages, it will be possible to better understand the warnings of dangers or threats received. Also receive more information about security.
Work on the documentation of this standard for tracking and tracing cyberattacks began more than a year ago at Symantec, and it is currently in a GitHub repository enabled specifically for it.
Patrick Coughlin, Vice President of Security Market at Splunkhas underlined the fact that «security leaders are struggling with integration gaps in a growing set of applications, services, and infrastructure providers. They need clean, normalized, prioritized data to detect and respond to threats at scale. This is a problem that must be solved with the union of the sector«.
