OCA Event

Interop Demo, Plug Fest, Hackathon

Cybersecurity Automation Village Plugfest

Join us for the Hybrid Cybersecurity Automation Village plugfest on April 11-12, 2024, with an optional setup day on April 10, 2024. Hosted by the Open Cybersecurity Alliance (OCA) Cybersecurity Automation SubProject (CASP), this event unites global cybersecurity stakeholders for two days of plugfest sessions, guest speakers, and demonstrations. Register to secure your spot, subscribe to the CASP mailing list, attend biweekly CASP meetings, and join the #casp channel on OCA Slack for event discussions. The in-person location at Peraton Offices in Reston, VA, has limited space, and priority is given to those with the highest sweat equity. Participate in vendor “Interoperability Validation” sessions and explore a tentative list of projects on the CASP github site. Be part of advancing cybersecurity automation!

OCA Event

Cybersecurity Automation Village

Our OCA CASP Community plans to hold a HYBRID workshop and plugfest, the day before and at the same venue as, the CISA SBOMarama. The objective is to present and demonstrate working interoperating systems contributing to cybersecurity automation, particularly across different participants and across the different standards. The workshop will involve a series of presentations and demonstrations touching various interworking scenarios and use cases.

Everyone involved in the development of cybersecurity open source and open standards should be involved. Admission is free and sweat equity is flexible. (You can simply go to see what is going on, but it would be fantastic if you could contribute by getting involved with use cases.)

OCA Event

IOB: Tracking adversary behaviors closes gaps in cyber threat intelligence sharing

IOBs are dynamic digital impressions and identifiers that monitor the interaction of foreign bodies with host systems or networks. From a threat detection and awareness perspective, IOBs help add context. They also help you understand the behavior of potential cyber attackers.

The Open Cybersecurity Alliance is working to create a standard way to represent cyber adversary behaviors to make it easier to:
~~share repeatable sets of observed adversary behaviors spanning multiple campaigns,
~~share the analytics to detect those behaviors, and
~~create and share playbooks to correlate those detections.

Join our panel of guest speakers as they review how past experiences with CTI sharing impacted this work, what’s behind the motivation to represent adversary behavior, and provide access to several reference implementations and analysis capabilities, and finally, how and why you should be involved in the next evolution of OCA-IOB.

OCA Event

Automating the Hunt for Advance Threats

OCA Kestrel Project on the Agenda

Threat hunting has traditionally been a manual process, in which a security analyst sifts through various data information using their own knowledge and familiarity with the network to create hypotheses about potential threats. With technology advancements, threat hunting is now an iterative, continuous process that 1) searches for indicators of compromise in organizational systems, and 2) detects, tracks, and disrupts threats that evade existing controls. Join SC Media April 12-13 as we bring together a group of cybersecurity experts who will share presentations and discussions on topics such as:

  • Establishing and maintaining a threat hunting capability
  • Threat hunting methodologies, tools, and tips
  • Leveraging and creating threat intelligence for your organization

Free to attend for OASIS members. View Recording here.

OCA Event

Can ‘best of breed’ security tools be orchestrated?

Most organizations are struggling with security complexity, underutilized tools, too many alerts, and too few resources – in an environment where cyberattacks are constantly increasing. At the time of acquisition, your team believed that each ‘best of breed’ tool was the solution to the precise problem. Before you knew it, most enterprises have one or more SIEM, SOAR, EDR, MDR, NDR, CDR, and/or XDR products in the environment. Increasing the number of tools led to diminishing tool performance, not due to misrepresentation from tool manufacturer but mostly because of limited or no interoperability. While each of these solutions has a purpose, it is important to understand the big picture of SOC operations to see how these individual jigsaw pieces come together to solve the puzzle.

Join us for a panel discussion on March 16, with industry analyst Fran Howarth, Security practice leader at Bloor Research, and other cybersecurity experts as they share practical guidance on what SOC operations teams can do to better protect themselves by orchestrating and interoperating new and existing cyber tools.

OCA Event

RSA Conference 2022

OCA Breakfast BoF / CSAF-VEX Session

RSA Conference is where the cybersecurity world comes together. For four days, you’ll gain insights, join conversations and experience solutions that could make a huge impact on your organization and your career. RSA Conference itself is transforming, too. We’re excited to be back in San Francisco, but we’re just as excited to offer a digital option as well. However you experience RSAC 2022, you’ll come away with knowledge and insights that will spark ideas and help you make the game-changing decisions that will transform the way you protect the world from threats.

Event will be held in-person. Members can use our OASIS code – 12UOASISFD – to receive an extra $150 off the conference rate. Direct link to discount.

Check out the Secure Supply Chain through Automation – with CSAF, VEX and SBOM session on Tuesday, 7 June 2:25 PM – 3:15 PM PT. View slide presentation here.

All are welcome to join us for an Open Cybersecurity Alliance Breakfast BoF on Wednesday, 8 June from 8:00-9:30 AM PDT.

OASIS Virtual Event

Indicators of Behaviour: How Can We Communicate and Collaborate on Them

During this first “OCA Community Forum,” we’ll tackle the topic of Indicators of Behaviour or IoBs. OCA Board Co-Chair, Jason Keirstead of IBM, will be joined by Lodrina Cherne from Cybereason to review:

  • What is an IoB, and how it differs from an Indicators of Attack (IoA) and Indicators of Compromise (IoC)?
  • How can (and should) an IoB be used by security practitioners, what outcomes are they used for?
  • Whether cybersecurity products should exchange IoBs? Assuming so, how would and should that work?
  • How the Open Cybersecurity Alliance plans to formulate a point of view around them.
OASIS Virtual Event

New Project Joins Budding Open Cybersecurity Ecosystem — NIST SCAP v2

Over the last year, the Open Cybersecurity Alliance (OCA) has been working to develop open source content, code, tooling, practices, and patterns that will improve the interoperability of cybersecurity solutions and help solve security complexity and redundancy for clients. During this webinar your hear an update on how OCA is progressing on product interoperability. In addition, OCA just accepted a third project from NIST. This project, the SCAP (Security Content Automation Protocol) Data Collection Prototype, was highlighted as it joins current projects STIXShifter and OpenDXL Ontology.

This is an opportunity for you to learn how OCA plans to bring interoperability across these projects and associated products. With a draft architecture defined, now is the time to learn how you can join in and help the Alliance evolve our architecture and projects.

No results with the selected filters