IBM and McAfee primary backers of new open source cybersecurity group

cybersecurity
IBM Security and McAfee contribute code into a new open source cybersecurity group. (Pixabay)

Cybersecurity is headed to open source with a new initiative backed by IBM and McAfee, among other companies.

The Open Cybersecurity Alliance (OCA) was formed to pull the fragmented elements of the cybersecurity landscape under one roof by using open source code and practices. The new open source group is under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS).

IBM Security and McAfee kicked in the initial open source content and code into the OCA. Additional members include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin. In today's press release, the OCA also threw out the welcome mat for additional organizations and individuals.

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

The goal of the OCA is to develop and promote sets of open source common content, code, tooling, patterns, and practices for interoperability and sharing data among cybersecurity tools for enterprise users.

Currently, organizations use 25 to 49 different security tools from up to 10 vendors on average, each of which generates siloed data, according to industry analyst firm Enterprise Strategy Group. In addition, connecting today's tools and data requires complex integrations that take away time that could otherwise be spent hunting and responding to security threats.

Using the collective knowledge and technologies of its members, the OCA's mandate includes improving security visibility and ability in order to discover new insights and findings that otherwise might have been missed.

It will also work on extracting more value from existing products while reducing vendor lock-in, and connecting data and sharing insights across products.

“When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers,” said Jason Keirstead, chief architect, IBM Security Threat Management, in a statement. “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”

RELATED: Open Projects cuts a new trail for open source and standards

In May, OASIS, announced it had launched Open Projects. Open Projects, which was first formed at the start of this year, gives its member projects the freedom to develop what they chose, whether that's APIs, code, specifications, reference implementations or guidelines. Open Projects helps with the open source licensing process and provide a path to recognition in global policy and procurement.

Read more on

Suggested Articles

Ciena, Internet2 and Juniper Networks announced they have provisioned live traffic over a 1,367-mile circuit using a 400-gigabit Ethernet link.

Verizon Business is shielding its private IP networks by embedding a software-defined perimeter service to create a zero trust architecture.

Sprint teamed up with Ooma to deploy its new Omni phone business phone service that targets small-to-medium-sized businesses (SMBs).