Press Release

Industry Leaders Unite at OASIS Open to Define Heimdall Data Format as a Standard for Exchanging Data Between Cybersecurity Tools

Cisco, Intel, Sophos, and Others to Advance Standard Supporting Cybersecurity Product Interoperability

Boston, MA – 12 April 2023 — Members of OASIS Open, the international open source and standards consortium, are working together to advance the Heimdall Data Format for exchanging normalized data between cybersecurity tools. This standard, vendor-neutral data format will support cybersecurity product interoperability without having to create customized integrations.

The new OASIS Heimdall Data Format (OHDF) Technical Committee brings together major security software and hardware companies, cybersecurity providers, government agencies, and consultants to provide an interoperable target format that vendor tools can consume across their customer base consistently, and is easily managed within the product lifecycle.

“Organizations need a way to streamline their security processes by having a standard, open source, machine-readable format for all security data. Today, we see the industry facing challenges stemming from having a multitude of tools, formats, dashboards and data alignments to monitor,” said Aaron Lippold of MITRE, OHDF TC co-chair. “Our goal is to generalize this mountain of data by providing a standardized and normalized format, which will help unify the information that various cybersecurity tools produce, specifically around security testing tools. I am excited to see interest and adoption of the OHDF format across the industry, to include Sophos, Lockheed Martin, VMware, Rancher Federal, GitHub, Progress Chef, and many others.”

OHDF co-chair, Mike Fraser of Sophos, added, “Sophos has been involved with the MITRE Security Automation Framework (MITRE SAF©) team for the past few years providing development feedback and helping operationalize HDF, now OHDF, through DevSecOps automation with Sophos Factory. With OHDF, security teams can take the initial cybersecurity tools data, ensure it is interoperable with data from other cybersecurity tools, and then share the data through Heimdall dashboards or integrate it in other security technologies. Our goal here is to evolve that process while continuing to improve and enhance the security-focused data format.”

The TC will leverage pre-existing standards to the greatest extent practical and base its initial efforts on HDF specifications that are part of the MITRE SAF. MITRE will contribute the open source specifications and related documentation developed for HDF to the OHDF TC. It is expected that other organizations and interested individuals in the larger community will also develop implementations and tooling.

Participation in the OASIS OHDF TC is open to all through OASIS membership. Corporate and federal CISOs/CSOs, security data vendors, federal contractors, national standards agencies and institutes, and others impacted by this work are invited to join the group.

Support for the OHDF Technical Committee
“By having universal industry standards that allow security vendors to better collaborate and share data across tools, we can collectively cross the divide between private and public sectors to more effectively provide defenses against cyberattacks. Security teams need to be able to speak the same language by increasing interoperability between tools with OHDF, which could significantly fast-track their ability to detect and respond to cybersecurity threats. Sophos is excited to work with the OHDF community to define and drive this standard industry wide.”
– Mike Fraser, VP & CTO of DevSecOps, Sophos

Additional Information
OHDF TC Charter

About OASIS Open
One of the most respected, nonprofit open source and open standards bodies in the world, OASIS advances the fair, transparent development of open source software and standards through the power of global collaboration and community. OASIS is the home for worldwide standards in IoT, cybersecurity, blockchain, privacy, cryptography, cloud computing, urban mobility, emergency management, and other content technologies. Many OASIS standards go on to be ratified by de jure bodies and referenced in international policies and government procurement. More information can be found at

Media inquiries