AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) project
<div> <img src="https://infracom.com.sg/wp-content/uploads/2022/08/OCSF-Logo-1260x585-1.png" class="ff-og-image-inserted" /> </div>
In today’s fast-changing security environment, security professionals must monitor, detect, react to, and mitigate new and existing security issues. To take action, security teams should be able to evaluate security-relevant telemetry and log data through the use of multiple tools, technologies, and vendors. The complex and heterogeneous nature of the task drives up costs and could decelerate response and recognition times. Our mission would be to innovate with respect to our customers to allow them to quicker analyze and guard their environment once the need arises.
<pre> <code> <p>With that objective in mind, alongside a true amount of partner organizations, we’re very happy to announce the release of the <a href="https://github.com/ocsf" focus on="_blank" rel="noopener noreferrer">Open up Cybersecurity Schema Framework (OCSF) task</a>, which include an open specification for the normalization of security telemetry across an array of security services and products, along with open-source tools that assistance and accelerate the usage of the OCSF schema. As a co-founder of the OCSF effort, we’ve helped create the various tools and specifications that are offered to all or any industry vendors, partners, clients, and practitioners. Signing up for us in this announcement can be an selection of key security vendors, you start with Splunk, the co-founder with AWS of the OCSF task, and including Broadcom also, Salesforce, Rapid7, Tanium, Cloudflare, Palo Alto Networks, DTEX, CrowdStrike, IBM Security, JupiterOne, Zscaler, Sumo Logic, IronNet, Securonix, and Trend Micro. In the years ahead, anyone can take part in the evolution of the tooling and specification in <a href="https://github.com/ocsf" focus on="_blank" rel="noopener noreferrer">https://github.com/ocsf</the>.</p>
<p>Our clients possess told us that information and interoperability normalization between security products is really a challenge for them. Security teams need to correlate and unify information across multiple products from different vendors in a variety of proprietary formats; that ongoing work includes a growing cost connected with it. Of concentrating primarily on detecting and giving an answer to events instead, security teams spending some time normalizing this information as the prerequisite to response and knowing. We believe that usage of the OCSF schema can make it easier for security teams to ingest and correlate security log information from different sources, enabling greater recognition accuracy and faster reaction to security events. We notice value in contributing our engineering efforts and tasks also, tools, training, and guidelines to greatly help standardize security telemetry over the industry. These efforts advantage our clients and the broader security community.</p>
<p>Although we being an industry can’t control the behavior of threat actors directly, we are able to improve our collective defenses by rendering it easier for security teams to accomplish their jobs better. At AWS, we have been excited to start to see the industry arrive jointly to utilize the OCSF task to create it easier for security professionals to spotlight the things that are essential to their company: identifying and giving an answer to events, after that using that data to boost their security posture proactively.</p>
<p>For more information concerning the OCSF project, go to <a href=”https://github.com/ocsf” focus on=”_blank” rel=”noopener noreferrer”>https://github.com/ocsf</the>.</p>
<p><strong>Need more AWS Security news? Stick to us on <a title=”Twitter” href=”https://twitter.com/AWSsecurityinfo” focus on=”_blank” rel=”noopener noreferrer”>Twitter</the>.</strong></p>
<!– ‘”` –>