IBM and McAfee primary backers of new open source cybersecurity group

cybersecurity
IBM Security and McAfee contribute code into a new open source cybersecurity group. (Pixabay)

Cybersecurity is headed to open source with a new initiative backed by IBM and McAfee, among other companies.

The Open Cybersecurity Alliance (OCA) was formed to pull the fragmented elements of the cybersecurity landscape under one roof by using open source code and practices. The new open source group is under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS).

IBM Security and McAfee kicked in the initial open source content and code into the OCA. Additional members include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin. In today's press release, the OCA also threw out the welcome mat for additional organizations and individuals.

SPONSORED BY GOOGLE CLOUD

Webinar: Remote Post Production In The Cloud

Video production companies across the world have traditionally been tethered to physical facilities, but with the advent of covid-19, remote post production capabilities are more important than ever. Join this webinar to learn more about how video producers can utilize Google Cloud infrastructure, along with partner applications, to develop a remote post production suite that brings your artists and editors together, no matter where they are.

The goal of the OCA is to develop and promote sets of open source common content, code, tooling, patterns, and practices for interoperability and sharing data among cybersecurity tools for enterprise users.

Currently, organizations use 25 to 49 different security tools from up to 10 vendors on average, each of which generates siloed data, according to industry analyst firm Enterprise Strategy Group. In addition, connecting today's tools and data requires complex integrations that take away time that could otherwise be spent hunting and responding to security threats.

Using the collective knowledge and technologies of its members, the OCA's mandate includes improving security visibility and ability in order to discover new insights and findings that otherwise might have been missed.

It will also work on extracting more value from existing products while reducing vendor lock-in, and connecting data and sharing insights across products.

“When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers,” said Jason Keirstead, chief architect, IBM Security Threat Management, in a statement. “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”

RELATED: Open Projects cuts a new trail for open source and standards

In May, OASIS, announced it had launched Open Projects. Open Projects, which was first formed at the start of this year, gives its member projects the freedom to develop what they chose, whether that's APIs, code, specifications, reference implementations or guidelines. Open Projects helps with the open source licensing process and provide a path to recognition in global policy and procurement.

Read more on

Suggested Articles

For the second time, Gainspeed is on the move after Nokia completed the sell-off of its Gainspeed cable assets to Vecima Networks.

Windstream has picked Ciena for the build-out of its new nationwide optical network, which is slated for turn up in the third quarter of this year.

LightRiver has carved out a large niche in the optical networking space by bringing multi-vendor software automation to the plumbing of networks.