OASIS Board Member Spotlight Series: Q&A with Altaz Valani

The OASIS Board of Directors are integral to the organization's success. Read our Q&A to gain a better sense of who they are and why they serve the OASIS community.

Meet Altaz Valani, an accomplished and award-winning DevSecOps evangelist who also stands out as an executive advisor, teaching instructor, and community builder.

What has been your involvement at OASIS?
Along with being a Board member, I am also part of a few OASIS Technical Committees (TCs). My personal interest lies primarily in the cybersecurity and value stream space. It is, essentially, the intersection of secure technology and business value. Through my collaboration at OASIS, I am able to meet many individuals from diverse backgrounds. This diversity is one of the key strengths of the committees at OASIS.

What inspired you to join the OASIS Board of Directors?
I want to make a difference in this world. OASIS has amazing projects, many of which address key needs of the cybersecurity industry, specifically around the problem of data sharing. Being a Board member allows me to influence the direction of an internationally recognized organization with a long history of developing standards in an open ecosystem. It also gives me the opportunity to network and meet other like-minded individuals who also want to make a difference. Working together allows us to achieve what no single person could do on their own.

What types of skills/expertise do you bring to the OASIS Board, and how do you hope to make an impact?
My background is in software development and cybersecurity. My goal is to positively impact OASIS by helping to bridge gaps with other communities, setting future strategy, and socializing the impact of OASIS and its downstream open standards on the world.

Why are you passionate about OASIS’ mission?
From a cybersecurity perspective, there are so many tools out there that don’t talk to each other. Having an open standard that allows for smoother data interchange helps to drive the generation of key insights. It is from these insights that we can more effectively remediate some of our biggest cybersecurity problems.

What sets OASIS apart from other organizations?
First, OASIS has a clear onramp to international standardization. Through years of building a strong relationship with organizations like ISO, OASIS is uniquely positioned to bring the best of open development into the world of global standards. Second, the work done at OASIS is open and transparent. Anyone can see the work being done, and that builds accountability into the governance structure.

What are some reasons why companies, organizations, and individuals should bring their projects to OASIS?
Trying to do the heavy lifting on your own is extremely difficult and costly, but spreading the effort across multiple companies pays off. Additionally, there is an innovation component to this. As collaboration takes place, there are numerous ideas that emerge which you may not have considered, helping to advance innovation within your organization.

Do you have an impact story about your work in open source or standards?
Open projects have a profound impact on so many communities. In my experience, when a community shares their insights, they are earnestly seeking feedback for improvement. Feedback received then begets more feedback. That type of engagement allows an open project to remain relevant. 

When I worked at The Open Group on developing an open standard for Zero Trust, the feedback from many people was extremely valuable – both as validation as well as opportunities for further refinement. In the end, what emerged was a set of principles and practices that provided valuable guidance for many organizations and practitioners.

What trends or changes in standards are most exciting to you?
AI is certainly a big topic today. What is exciting about it is the way it can help reduce the manual effort of poring through vast amounts of security information to make informed decisions. We have no shortage of security tools today. What’s missing is an open security observability layer that integrates disparate islands of security tooling data into meaningful insights. I see OASIS and other standards communities continuing to drive meaningful open solutions to the problem of cybersecurity and integration. Additionally, as AI emerges, there are many possible opportunities to standardize pieces of the lifecycle around model representation and explainable AI. 

What’s a fun fact about you? 
I once travelled to Mongolia and stayed in a ger. It was amazing to experience a totally different culture and to understand their rich history and fascinating customs.