. home.aspx

NEWS

home.aspx
   


OCA Releases 'OpenDXL Ontology' To Drive Greater Interoperability

February 24, 2020 / AJINKYA BAGADE
SHARESHARESHARE

  • The release marks a major milestone in the OCA’s mission to drive greater interoperability across the security industry.

  • The OpenDXL Ontology offers a single, common language for these notifications, information and actions across security products.

  • This common language will facilitate a wide variety of interoperability uses case, from sharing threat intelligence to triggering remediation between tools.


The Open Cybersecurity Alliance (OCA) has announced the first open source language for connecting cybersecurity tools through a common messaging framework called 'OpenDXL Ontology'.


With open source code freely available to the security community, enables any tool to automatically gain the ability to communicate and interoperate with all other technologies using this language.

- Open Cybersecurity Alliance (OCA)


The release marks a major milestone in the OCA’s mission to drive greater interoperability across the security industry by eliminating the need for custom integrations between individual products.



The Open Data Exchange Layer (OpenDXL)


The OpenDXL Ontology offers a single, common language for these notifications, information and actions across security products that any vendor can adopt in order to communicate in a standard way with all other tools under this umbrella. This provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change.


For example, if a certain tool detects a compromised device, it could automatically notify all other tools and even quarantine that device using a standard message format readable by all. While previously this was only possible with custom integrations between individual products, it will now be automatically enabled between all tools that adopt OpenDXL Ontology. Through continued development by the community, this common language will facilitate a wide variety of interoperability uses case, from sharing threat intelligence to triggering remediation between tools, such as isolating a device or updating a policy.



With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical. OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.

- Brian Rexroad, Vice President of Security Platforms, AT&T)

Over 4,100 vendors and enterprises already utilize the Open Data Exchange Layer (OpenDXL) to develop and share integrations with other tools. The adoption of OpenDXL Ontology will help create a stronger, united front to defend and protect across all types of security tools, while reducing the burden of point integrations between individual products.


READ MORE: Cyberthreats hovering over the impending tax season


The Open Cybersecurity Alliance (OCA)


The Open Cybersecurity Alliance (OCA) brings together vendors and end users to create an open cybersecurity ecosystem where products can freely exchange information, insights, analytics, and orchestrated response. OCA supports commonly developed code and tooling and the use of mutually agreed upon technologies, data standards, and procedures. The OCA is governed under the auspices of OASIS, which offers projects a path to standardization and de jure approval for reference in international policy and procurement.


Since launching five months ago, the OCA has expanded to include more than 25 partner organizations, with the following new members joining: Armis, Center for Internet Security, CyberNB, Cydarm, Gigamon, Raytheon, Recorded Future, sFractal Consulting, and Tripwire. The full list of members can be found here.


The OCA community is currently collaborating on GitHub and Slack to further new open-source code and use-cases for cybersecurity industry interoperability. In addition to the development of OpenDXL Ontology for a common, open-source language between tools, the OCA is also continuing to build out capabilities for STIX-Shifter, a universal, out-of-the box search capability for security products of all types. Since bringing STIX Shifter to the open-source community, hundreds of visitors have accessed this technology on GitHub, with dozens of users initiating new project forks for development on top of the primary STIX Shifter code.


The OCA will continue development for both STIX Shifter and OpenDXL Ontology, and is actively seeking additional contributors from across the security industry to help guide and drive innovative new use cases for these open source projects.


READ MORE: Intensifying cyberattacks are a hindrance to business innovations