IBM and McAfee primary backers of new open source cybersecurity group

cybersecurity
IBM Security and McAfee contribute code into a new open source cybersecurity group. (Pixabay)

Cybersecurity is headed to open source with a new initiative backed by IBM and McAfee, among other companies.

The Open Cybersecurity Alliance (OCA) was formed to pull the fragmented elements of the cybersecurity landscape under one roof by using open source code and practices. The new open source group is under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS).

IBM Security and McAfee kicked in the initial open source content and code into the OCA. Additional members include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin. In today's press release, the OCA also threw out the welcome mat for additional organizations and individuals.

Blitz Week

Register for FierceTelecom Blitz Week - June 15-18

As the telecom industry moves forward in the age of new technology, FierceTelecom Blitz week addresses the questions of how platforms, providers, and more will modernize to keep up with these fast-paced changes and their current status of implementing these changes. Join us June 15-18 to dive deep into the world of telecom transformation.

The goal of the OCA is to develop and promote sets of open source common content, code, tooling, patterns, and practices for interoperability and sharing data among cybersecurity tools for enterprise users.

Currently, organizations use 25 to 49 different security tools from up to 10 vendors on average, each of which generates siloed data, according to industry analyst firm Enterprise Strategy Group. In addition, connecting today's tools and data requires complex integrations that take away time that could otherwise be spent hunting and responding to security threats.

Using the collective knowledge and technologies of its members, the OCA's mandate includes improving security visibility and ability in order to discover new insights and findings that otherwise might have been missed.

It will also work on extracting more value from existing products while reducing vendor lock-in, and connecting data and sharing insights across products.

“When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers,” said Jason Keirstead, chief architect, IBM Security Threat Management, in a statement. “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”

RELATED: Open Projects cuts a new trail for open source and standards

In May, OASIS, announced it had launched Open Projects. Open Projects, which was first formed at the start of this year, gives its member projects the freedom to develop what they chose, whether that's APIs, code, specifications, reference implementations or guidelines. Open Projects helps with the open source licensing process and provide a path to recognition in global policy and procurement.

Read more on

Suggested Articles

VMware announced on Thursday that it has struck a deal to buy network security vendor Lastline for an undisclosed sum.

For the first time in nine years, the data center switch market recorded a decline due in part to COVID-19, according to research.

While many vendors have bemoaned the impact of the COVID-19 pandemic in their earnings reports, Ciena rose above the storm in its fiscal Q2 earnings.