Open Cybersecurity Alliance’s OpenDXL Ontology to drive interoperability in fragmented product environment
The Open Cybersecurity Alliance (OCA) has released an open-source framework aimed at enabling disparate security tools from various vendors to more easily communicate and interoperate with each other.
The Lowdown: The organization, which includes such members as IBM, AT&T, McAfee, and Tripwire, introduced the OpenDXL Ontology framework this week at the RSA Conference 2020 in San Francisco.
The Details: The goal is to enable cybersecurity tools that use the OpenDXL Ontology language to freely interoperate rather than having to develop custom integrations between individual products like endpoints to firewalls. Such interoperability is becoming increasingly important as the IT environment becomes increasingly distributed and the attack surface for bad actors increases with the trend toward greater mobility, cloud computing, and the Internet of Things (IoT).
More than 4,100 vendors and enterprises already use the Open Data Exchange Layer (OpenDXL), an open messaging framework developed by OCA to drive integration between security tools. With OpenDXL Ontology, there’s a single common, standard language for notifications, information, and actions from OpenDXL.
In addition, OpenDXL Ontology will eliminate the need for vendors and organizations to update their integrations as new product versions and functionalities are released.
Background: The OCA was launched in 2019 with the goal of creating open-source frameworks to easily and automatically connect a fragmented cybersecurity product landscape. There are more than two-dozen members and the group has two major interoperability projects – OpenDXL Ontology (contributed by McAfee) and STIX Shifter (a search capability for security products contributed by IBM Security) – that are being developed on GitHub.
The Buzz: “With the adoption of public cloud and explosion of connected devices, the ability for enterprises to quickly respond to threats across ever-changing technologies, and even beyond perimeters, is critical,” says Brian Rexroad, vice president of security platforms at AT&T. “OCA is driving an industrial shift in interoperability with the OpenDXL Ontology to support security at scale.”