View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 8, 2019

18 Cybersecurity Firms Team Up to Plug their Products Together

"A commonly accepted set of standards and code"

By CBR Staff Writer

Eighteen leading cybersecurity companies say they are teaming up to improve cross-product interoperability an unusual alliance for a highly competitive market.

The Open Cybersecurity Alliance (OCA), launched today by open standards group OASIS, has brought in Cybereason, CrowdStrike, McAfee, IBM and 14 others.

They have committed to developing “protocols and standards which enable tools to work together and share information across vendors”.

Open Cybersecurity Alliance: Why the Teamwork?

Large organisations typically use 25 to 49 different security tools provided by up to ten vendors, according to research from the Enterprise Strategy Group.

This heterogeneous security landscape has resulted in closed off data lakes and the withholding of information between vendors.

Read this: 10 Major Global Telcos “Completely Penetrated” by Chinese APT

As IBM’s Jason Keirstead put it today: “When security teams are constantly spending their time manually integrating tools and maintaining those integrations, it’s not helping anyone other than the attackers.”

“The mission of the OCA is to create a unified security ecosystem, where businesses no longer have to build one-off manual integrations between every product, but instead can build one integration to work across all, based on a commonly accepted set of standards and code.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

So far the alliance has been joined by the following cybersecurity firms; Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin.

open cybersecurity alliance

Credit: Open Cybersecurity alliance

Open Source for the Open Cybersecurity Alliance…

IBM and McAfee are leading the alliance and have already opened up two projects that will form part of the OCA’s initial technological offering.

IBM has released its STIX-Shifter onto Github: this is an open source library that can identify and format data about potential threats contained within data repositories. This formatting means it can be digested and integrated with any security tool that is part of the alliance.

McAfee, meanwhile, has developed a cybersecurity messaging format, named OpenDXL, that will be available under the Apache 2.0 license.

OpenDXL uses the Data Exchange Layer (DXL), which many vendors and enterprises already rely on. OpenDXL is an open standard developed by McAfee that connects products independent of the underlying proprietary architecture, without relying on vendor-specific APIs and requirements.)

Carol Geyer, chief development officer of OASIS commented in the release that: “Today, organizations struggle without a standard language when sharing data between products and tools.”

“We have seen efforts emerge to foster data exchange, but what has been missing is the ability for each tool to transmit and receive these messages in a standardized format, resulting in more expensive and time-consuming integration costs.

“The aim of the OCA is to accelerate the open sharing concept making it easier for enterprises to manage and operate.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.