- A coalition of cybersecurity and technology leaders announced the Open Cybersecurity Schema Framework project at Black Hat USA 2022.
- 15 additional initial members are Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, and Zscaler.
- The project will offer a simplified and vendor-agnostic taxonomy to help organizations by providing data from multiple sources.
The Open Cybersecurity Schema Framework (OCSF) project, an open-source effort to help organizations detect and stop cyberattacks faster and more efficiently, was announced by a coalition of cybersecurity and technology leaders at Black Hat USA 2022. The OCSF project, built upon schema work done at Symantec, was conceived and initiated by AWS and Splunk.
15 additional initial members
The OCSF includes contributions from 15 additional initial members, including Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, and Zscaler. The project also invites the cybersecurity community to utilize and contribute to the OCSF.

The OCSF mainly focuses on the coordination across cybersecurity tools that is required to detect and stop cyberattacks. By providing data from multiple sources, the project will offer a simplified and vendor-agnostic taxonomy to help all security teams. It will help organizations realize better, faster data ingestion and analysis. It can be adopted in any environment, application, or solution provider and fits with existing security standards and processes. By adopting OCSF, organizations will be able to increase their focus on analyzing data, identifying threats, and defending their organizations from cyberattacks.

Patrick Coughlin, Group Vice President of Security Market at Splunk, said:
"Security leaders are wrestling with integration gaps across an expanding set of application, service and infrastructure providers, and they need clean, normalized and prioritized data to detect and respond to threats at scale. This is a problem that the industry needed to come together to solve. That's why Splunk is a proud member of the OCSF community: security is a data problem and we want to help create open standard solutions for all producers and consumers of security data."