Open Cybersecurity Alliance unveils open source language to hook up security tools

The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. With open source code freely available to the security community, OpenDXL Ontology enables any tool to automatically gain the ability to communicate and interoperate with all other technologies using this language. By eliminating the need for custom integrations between individual products, this release marks a major milestone in the OCA’s mission to drive greater interoperability across the security industry.

The newly formed Open Cybersecurity Alliance was launched in October 2019 to connect the fragmented cybersecurity landscape with common, open source code and practices that allow companies to “integrate once, reuse everywhere.” Governed under the auspices of OASIS, the OCA now includes more than 25 member organizations and has brought two major interoperability projects into the open-source realm, with OpenDXL Ontology (contributed by McAfee) and STIX Shifter (contributed by IBM Security) now available for cross-industry collaboration and development on GitHub.

In addition to the availability of OpenDXL Ontology, the OCA is also announcing the formation of its Technical Steering Committee, including leaders from AT&T, IBM Security, McAfee, Packet Clearinghouse, and Tripwire, who will drive the technical direction and development of the organization.

Open Source Language Schema to Connect Security Tools

The Open Data Exchange Layer (OpenDXL) is an open messaging framework that over 4,100 vendors and enterprises already use to develop and share integrations with other tools. The release of the OpenDXL Ontology now offers a single, common language for these notifications, information and actions across security products that any vendor can adopt in order to communicate in a standard way with all other tools under this umbrella. This provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change.

For example, if a certain tool detects a compromised device, it could automatically notify all other tools and even quarantine that device using a standard message format readable by all. While previously this was only possible with custom integrations between individual products, it will now be automatically enabled between all tools that adopt OpenDXL Ontology. Through continued development by the community, this common language will facilitate a wide variety of interoperability use cases, from sharing threat intelligence to triggering remediation between tools, such as isolating a device or updating a policy.

The adoption of OpenDXL Ontology can help create a stronger, united front to guard and protect across all types of security tools, while reducing the burden of point integrations between individual products.

OCA Momentum: 25+ Organizations Get Together for Open Security

Since launching five months ago, the OCA has expanded to include more than 25 partner organizations, with the following new members joining: Armis, Center for Internet Security, CyberNB, Cydarm, Gigamon, Raytheon, Recorded Future, sFractal Consulting, and Tripwire. The entire list of members can be found here.

The OCA community is currently collaborating on GitHub and Slack to further develop new open-source code and use cases for cybersecurity industry interoperability. In addition to the development of OpenDXL Ontology as a common, open-source language between tools, the OCA is also continuing to build out functions for STIX Shifter, a universal, out-of-the-box search capability for most types of security products. Since STIX Shifter was brought to the open-source community, hundreds of visitors have accessed this technology on GitHub, with a large number of users initiating new project forks for development alongside the main STIX Shifter code.

The OCA will continue development of both STIX Shifter and OpenDXL Ontology, and is actively seeking additional contributors from across the security industry to help guide and drive groundbreaking new use cases for these open source projects.