
At Black Hat, Splunk, AWS, IBM Security and Others Launch Open Source Cybersecurity Framework
2023-08-14 22:46

A consortium led by Splunk and AWS is hoping to standardize how events are noted in logs, reducing the burden on security teams to decipher alerts they receive from multiple tools and vendors.

Last week at Black Hat, security vendor Splunk announced the general availability of the Open Cybersecurity Schema Framework.

OCSF now comprises 145 security companies, including AWS and IBM, and 435 individual contributors.

Splunk describes OCSF as an open and extensible framework that organizations can integrate into any environment, application or solution to complement existing security standards and processes.

Patrick Coughlin, general vice president of security markets at Splunk, noted that security teams at organizations often use up to 100 tools, each with different structures, formats and ways of showing alerts.

"If there are several proprietary taxonomies for alerts - one for each of your security vendors - you can no longer tell if they are alerting for the same event or not. By contrast, the security solutions that utilize the OCSF schema produce data in the same consistent format, so security teams can save time and effort on normalizing the data and get to analyzing it sooner, accelerating time-to-detection."


News URL

https://www.techrepublic.com/article/blackhat-ocsf-new-security-schema/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
IBM 1293 1500 3875 904 480 6759
Splunk 14 18 115 60 12 205