IBM and McAfee primary backers of new open source cybersecurity group

cybersecurity
IBM Security and McAfee contribute code into a new open source cybersecurity group. (Pixabay)

Cybersecurity is headed to open source with a new initiative backed by IBM and McAfee, among other companies.

The Open Cybersecurity Alliance (OCA) was formed to pull the fragmented elements of the cybersecurity landscape under one roof by using open source code and practices. The new open source group is under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS).

IBM Security and McAfee kicked in the initial open source content and code into the OCA. Additional members include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin. In today's press release, the OCA also threw out the welcome mat for additional organizations and individuals.

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

The goal of the OCA is to develop and promote sets of open source common content, code, tooling, patterns, and practices for interoperability and sharing data among cybersecurity tools for enterprise users.

Currently, organizations use 25 to 49 different security tools from up to 10 vendors on average, each of which generates siloed data, according to industry analyst firm Enterprise Strategy Group. In addition, connecting today's tools and data requires complex integrations that take away time that could otherwise be spent hunting and responding to security threats.

Using the collective knowledge and technologies of its members, the OCA's mandate includes improving security visibility and ability in order to discover new insights and findings that otherwise might have been missed.

It will also work on extracting more value from existing products while reducing vendor lock-in, and connecting data and sharing insights across products.

“When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers,” said Jason Keirstead, chief architect, IBM Security Threat Management, in a statement. “The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”

RELATED: Open Projects cuts a new trail for open source and standards

In May, OASIS, announced it had launched Open Projects. Open Projects, which was first formed at the start of this year, gives its member projects the freedom to develop what they chose, whether that's APIs, code, specifications, reference implementations or guidelines. Open Projects helps with the open source licensing process and provide a path to recognition in global policy and procurement.

Read more on

Suggested Articles

The personal information of hundreds of thousands of CenturyLink customers was exposed online via an open database that has since been closed.

The number of hyperscale data centers hit a new high-water mark in the third quarter, according to Synergy Research Group.

Comcast Business has extended its broadband and network management capabilities into parts of Canada via a partnership with iTel Networks.