Information security and cybersecurity are a problem even large companies cannot handle alone. It takes an entire community working together to tackle all kinds of cybersecurity problems that companies are facing today. To combat this challenge, AWS (Amazon Web Services), Splunk, and Symantec presented an open-source project to make data sharing easier. The projected was presented this August at the Black Hat USA conference in Las Vegas, the world’s leading information security event.
The project is called the Open Cybersecurity Schema Framework (OCSF) and is designed to enable data sharing between security tools. Currently, many security tools are on the market and customer data is often still at the risk of a data breach. It is difficult to combine data and enable communication between the tools whilst ensuring data security. Yet developers must create a hassle-free way for different tools to share data and make data more interoperable.
According to an AWS executive, Symantec started building something and that became the starting point for the discussion for this project. “The group believes it can better address company and customer requirements over time by open sourcing this project,” he said. He added: “By putting the standard and some supporting tools on GitHub, now we have an open environment for commenting, pull requests and suggestions. So, we can get input across the industry. And we certainly have other companies that have expressed interest in joining the core working group.”
Fiveteen other companies including IBM security, Cloudflare, Palo Alto Networks, Okta, CrowdStrike, Salesforce and a few others are also contributing to this project.