Security News > 2023 > August > At Black Hat, Splunk, AWS, IBM Security and Others Launch Open Source Cybersecurity Framework
A consortium led by Splunk and AWS are hoping to fix this by standardizing how events are noted in logs, reducing the burden on security teams to decipher alerts they receive from multiple tools and vendors.
Last week at Black Hat, security vendor Splunk announced the general availability of the Open Cybersecurity Schema Framework.
Now, OCSF comprises 145 security companies including AWS and IBM and 435 individual contributors.
Splunk describes OCSF as an open and extensible framework that organizations can integrate into any environment, application or solution to complement existing security standards and processes.
Patrick Coughlin, general vice president of security markets at Splunk, noted that security teams at organizations often use up to 100 tools, each with different structures, formats and ways of showing alerts.
"If there are several proprietary taxonomies for alerts - one for each of your security vendors - you can no longer tell if they are alerting for the same event or not. By contrast, the security solutions that utilize the OCSF schema produce data in the same consistent format, so security teams can save time and effort on normalizing the data and get to analyzing it sooner, accelerating time-to-detection."
News URL
https://www.techrepublic.com/article/blackhat-ocsf-new-security-schema/
Related news
- Open source maintainers: Key to software health and security (source)
- One-Third of UK Teachers Lack Cybersecurity Training, While 34% Experience Security Incidents (source)
- MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more! (source)
- Balancing legal frameworks and enterprise security governance (source)
- Enhancing national security: The four pillars of the National Framework for Action (source)
- Osmedeus: Open-source workflow engine for offensive security (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- A closer look at the 2023-2030 Australian Cyber Security Strategy (source)
- Am I Isolated: Open-source container security benchmark (source)
- The ROI of Security Investments: How Cybersecurity Leaders Prove It (source)