Virtualization Technology News and Information
Open Cybersecurity Schema Framework (OCSF) Joins the Linux Foundation to Optimize Critical Security Data
The Linux Foundation welcomed the Open Cybersecurity Schema Framework (OCSF) to the Linux Foundation family of projects. This new partnership aims to drive the development and adoption of an open, extensible framework for cybersecurity data schemas. OCSF enables security teams and data producers to work seamlessly within a standardized framework to accelerate threat detection, response, and innovation.

Founded in 2022 with support from leading technology companies, including AWS, Cisco, IBM, and Splunk, and derived from schema work done by Broadcom (Symantec), OCSF provides a unified language to simplify and standardize how security data is managed, shared, and analyzed across diverse environments. The OCSF project has grown significantly into a thriving ecosystem with over 900 contributors and 200 participating organizations, including security-focused independent software vendors (ISVs), government agencies, educational institutions, and enterprises. With OCSF now under the Linux Foundation, contributors have greater access to develop and expand a framework that empowers data producers, engineers, and security teams to work together seamlessly to effectively address emerging cyber threats.

"With cybersecurity incidents on the rise, the need for collaborative, open source solutions grows with each passing day," said Executive Director of the Linux Foundation, Jim Zemlin. "We are pleased to bring the Open Cybersecurity Schema Framework into the Linux Foundation, marking a unique opportunity for the industry to converge on how security data is managed and used." 

Detection engineering, threat hunting, analytics development, and the rise of artificial intelligence are often hindered by the absence of a standard format and data model for cybersecurity logs and alerts. The OCSF framework comprises a set of data types, an attribute dictionary, and a taxonomy. Since its initial release of version 1.0.0 in September 2023, OCSF has undergone rapid evolution, demonstrating the community's commitment to continuously enhancing the framework. The latest version, 1.3.0, released in August 2024, introduces new event classes for software inventory, remediation activities, and an OSINT profile for cyber threat intelligence enrichment, further solidifying OCSF's role in standardizing cybersecurity data. Developed initially as a schema for cybersecurity events, the OCSF's open standard can today be adopted in any environment, application, or solution. 

For more information and to contribute, visit: https://ocsf.io/.  

AWS

"We believe that joining the Linux Foundation will strengthen OCSF's role as a leading open security data schema and accelerate its adoption across the industry," said Gee Rittenhouse, Vice President of Security Services, AWS. "With the Linux Foundation's extensive resources and strong governance model, we aim to empower the security community to collaborate more effectively and drive innovation in addressing cyber risks."

Broadcom

"Broadcom is proud to have contributed the Symantec ICD schema as the foundation for the OCSF project. We support OCSF in our own portfolio today, helping streamline Security Operations for organizations that leverage a wide range of telemetry sources in their investigations," said Jason Rolleston, Vice President and General Manager, Enterprise Security Group, Broadcom. "Joining the Linux Foundation will greatly enhance the visibility of OCSF, increase innovation around the standard, and hasten its overall adoption."

Cisco

"In my experience developing eBPF and Cilium, I've seen firsthand how open standards can drive innovation and efficiency. Adopting the Open Cybersecurity Schema Framework (OCSF) under the Linux Foundation will similarly enable organizations like Cisco to enhance real-time threat detection and response," said Thomas Graf, Co-founder and Chief Technology Officer, Isovalent, now part of Cisco. "By reducing the friction associated with data normalization, we can focus more on proactive security strategies and delivering value to our customers."

IBM

"OCSF and IBM share a passion for open-source innovation and a commitment to strengthening the cybersecurity community," said Sridhar Muppidi, IBM Fellow, VP & CTO, IBM Security. "As AI and hybrid cloud transformation evolve, OCSF's work is more crucial than ever. We're excited to support its journey with the Linux Foundation and to continue shaping a secure, collaborative future together."

Published Tuesday, November 19, 2024 2:40 PM by David Marshall