Open Cybersecurity Alliance looks for new members and new projects at RSA 2020

New standards project aims to make it easy to integrate multiple security tools.

Open Cybersecurity Alliance looks for new members at RSA 2020
2:25

At the RSA Conference in San Francisco, TechRepublic's Veronica Combs spoke with Darren Thomas, senior product manager at McAfee, about the company's Security Innovation Alliance (SIA) and its partnership with OASIS.

Darren Thomas: The whole goal of the alliance is to foster information exchange and to reduce the friction points when it comes to integrations between different products. We are in the process of developing some common tooling under the auspice of OASIS. It's an OASIS open project. Everything is being developed out in the open, and the goal is to make this tooling available to the industry at large so that any organization that adopts the common tooling that we're creating will be able to have instant interoperability with one another. 

It's the whole idea of needing to develop and integrate once, and being able to reuse everywhere among the entire security industry.

SEE: Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)

The tedious chore is not only time-consuming but often expensive for vendors to integrate with one another, particularly as they're doing one-off integrations that need to be maintained and changed over time. What we're trying to do is remove all of that cost and effort away again by providing this common set of toolings that are easy to integrate with once, and then being able to take advantage of the broader ecosystem.

We've been actually really overwhelmed and really happy with the response. We launched with 16 sponsoring partners. We're now, as of today at the RSA Conference, up to 26 partners with more meetings to come this week. We've had two projects contributed since October: STIX-Shifter, which is an open source federated data search, and OpenDXL Ontology, which is an open common language for vendors in the industry, to integrate with.

OASIS is hugely important for us. We're doing it under an OASIS open project. OASIS really is the home of standards and collaboration. It was very important for the alliance to work with a world-renowned partner in OASIS. It also enables us to develop everything in the open with equal say among members, whether you're a 20,000-seat organization, or you're a handful of people in a consulting arm, or something else, everybody has an equal voice when it comes to defining the projects and how we're going to be working on it.

Also see

20200226-rsa-thomas-veronica.jpg

Darren Thomas, senior product manager at McAfee, at RSA 2020

Image: Mackenzie Burke/TechRepublic