The security entity of IBM and MacAfee have announced the creation of the Open Cybersecurity Alliance, which includes CyberArk, Fortinet and ThreatQuotient. Objective: To provide open source tools to facilitate interoperability and dialogue between third-party security solutions.

According to a survey by analyst firm Enterprise Strategy Group, companies use between 25 and 49 security solutions that can come from 10 different publishers. A situation that is not without concern, at the risk of leading to the creation of data silos. In order to promote interoperability between the different offers and to enable them to better dialogue and share data between themselves, IBM Security and McAfee announced the creation, with the support of the OASIS consortium, of the Open Cybersecurity Alliance (OCA).

“Connecting these tools and data requires complex integrations, taking time that can be spent on finding and responding to threats. To accelerate and optimize the security of business users, the OCA will develop protocols and standards that allow tools to work together and share information between providers, ”  reads a statement. If IBM Security and MacAfee are behind this initiative, more than a dozen security players participate in the project, namely Advanced Cyber ​​Security Corp., Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient and Tufin.

OpenDXL Standard Ontology licensed Apache 2.0

The alliance will work to develop and promote a set of open source content, which can take the form of code, templates and tools, to enable interoperability and data sharing between cybersecurity tools. “For enterprise users, this means improving the visibility of security and the ability of new ideas and discoveries that would otherwise have been missed, gaining more value from existing products and reducing vendor-lockin, connecting data, and sharing information.” between products “.

The first two contributions were made by IBM Security and McAfee. As for the big blue security entity, the STIX-Shifter project aims to “create a universal out-of-the-box search functionality for security products of all types, providing a way to connect security products to other cloud and software security repositories via a standardized cybersecurity data model (STIX 2) “. McAfee’s contribution includes OpenDXL Standard Ontology, which is licensed under Apache 2.0, which focuses on developing an open and interoperable cybersecurity messaging format for use with the OpenDXL messaging bus.