Open Cybersecurity Alliance Unveils First Open Source Language

The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cyber-security tools through a common messaging framework. With open source code freely available to the security community, OpenDXL Ontology enables any tool to automatically gain the ability to communicate and inter-operate with all other technologies using this language. It will eliminate the need for custom integrations between individual products

The newly formed Open Cybersecurity Alliance connects the fragmented cyber-security landscape with common, open source code and practices that allow companies to “integrate once, reuse everywhere.” Governed under the auspices of OASIS, the OCA now includes more than 25 member organizations and has brought two major intero-perability projects into the open-source realm, with OpenDXL Ontology (contributed by McAfee) and STIX Shifter (contributed by IBM Security) now available for cross-industry collaboration and development on GitHub. 

In addition to the availability of OpenDXL Ontology, the OCA is also announcing the formation of its Technical Steering Committee, including leaders from AT&T, IBM Security, McAfee, Packet Clearinghouse, and Tripwire, who will drive the technical direction and development of the organization. 

“With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical, "says Brian Rexroad, Vice President of Security Platforms at AT&T. “OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.” 

Open source language Schema to connect security tools 

The Open Data Exchange Layer (OpenDXL) is an open messaging framework that over 4,100 vendors and enterprises already utilize to develop and share integrations with other tools. The release of the OpenDXL Ontology now offers a single, common language for these notifications, information and actions across security products that any vendor can adopt in order to communicate in a standard way with all other tools under this umbrella. This provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change. 

For example, if a certain tool detects a compromised device, it could automatically notify all other tools and even quarantine that device using a standard message format readable by all. While previously this was only possible with custom integrations between individual products, it will now be automatically enabled between all tools that adopt OpenDXL Ontology. Through continued development by the community, this common language will facilitate a wide variety of inter-operability use cases, from sharing threat intelligence to triggering remediation between tools, such as isolating a device or updating a policy. 

 

Also Read

Stay in the know with our newsletter