IBM and McAfee launch Open Cybersecurity Alliance to help vendors interoperate

LAS VEGAS — McAfee and IBM Security have announced that they are the founding members of the Open Cybersecurity Alliance (OCA), a group of 18 companies whose goal is to foster interoperability and easy integration between security vendors.

The project is under the auspices of OASIS (Organization for the Advancement of Structured Information Standards), a non-profit consortium that drives the development, convergence and adoption of open standards for the global information society.

Although there are several other cybersecurity coalitions (Cyber Threat Alliance, Cloud Security Alliance, and Cybersecurity Tech Accord, for example), OCA is unique in that it’s purely about developing open source code, tools, and patterns to allow vendors’ products to interoperate. The other groups focus on things like threat information exchange, or best practices.

“We feel that there’ve been great strides, particularly over the past few years, within the industry itself to encourage the interoperation of data and the exchange of data, and a lot of very robust ecosystems have formed,” explained Darren Thomas, senior product manager, Open Data Exchange Layer, McAfee. “But even though the ecosystems tend to play well within themselves, there’s not always that top level interoperability. One of the goals of the project is to develop a common language and a common structure which everybody will be able use in the very same way, driving much, much faster, and much more robust security outcomes for the industry as a whole.”

He hopes that the initiative will act as a force multiplier, with vendors making use of the project outcomes being able to seamlessly interoperate with one another through a single integration effort.

“For a security vendor, it boils down to choice,” he said. “We can’t possibly integrate with everyone as one-offs.”

Security practitioners will be able to gain new insights from their existing tools, reduce vendor lockin, and be able to cut back on purchases of new tools.

But the OCA is not trying to reinvent the wheel.

“We’re trying to leverage standards wherever they exist. We’re not trying to create competing standards,” said Jason Keirstead, chief architect, IBM Security Threat Management. “All these different deliverables that we create as part of the OASIS-Open project are 100 per cent open source. That’s one of the unique things about these projects: even though they can eventually evolve to become standards that are referenced by industry standards bodies, the initial work products are always open source. So it’s all about open source and creating actual code that will enable this interoperability.”

To get things started, McAfee has contributed its OpenDXL Standard Ontology project, which is developing a standard messaging format for use with OpenDXL (the open data exchange layer developed by McAfee and released to open source), to the Alliance, and IBM Security contributed its STIX Shifter project, centred on open and interoperable threat hunting and analytics, using the STIX 2 Cyber Observable Model as a base.

Other members at launch include Advanced Cyber Security Corp, Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient, and Tufin. The Alliance is still looking for additional members.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Lynn Greiner
Lynn Greiner
Lynn Greiner has been interpreting tech for businesses for over 20 years and has worked in the industry as well as writing about it, giving her a unique perspective into the issues companies face. She has both IT credentials and a business degree

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.