OCA Event

OCA Event

IOB: Tracking adversary behaviors closes gaps in cyber threat intelligence sharing

IOBs are dynamic digital impressions and identifiers that monitor the interaction of foreign bodies with host systems or networks. From a threat detection and awareness perspective, IOBs help add context. They also help you understand the behavior of potential cyber attackers.

The Open Cybersecurity Alliance is working to create a standard way to represent cyber adversary behaviors to make it easier to:
~~share repeatable sets of observed adversary behaviors spanning multiple campaigns,
~~share the analytics to detect those behaviors, and
~~create and share playbooks to correlate those detections.

Join our panel of guest speakers as they review how past experiences with CTI sharing impacted this work, what’s behind the motivation to represent adversary behavior, and provide access to several reference implementations and analysis capabilities, and finally, how and why you should be involved in the next evolution of OCA-IOB.

OCA Event

Automating the Hunt for Advance Threats

OCA Kestrel Project on the Agenda

Threat hunting has traditionally been a manual process, in which a security analyst sifts through various data information using their own knowledge and familiarity with the network to create hypotheses about potential threats. With technology advancements, threat hunting is now an iterative, continuous process that 1) searches for indicators of compromise in organizational systems, and 2) detects, tracks, and disrupts threats that evade existing controls. Join SC Media April 12-13 as we bring together a group of cybersecurity experts who will share presentations and discussions on topics such as:

  • Establishing and maintaining a threat hunting capability
  • Threat hunting methodologies, tools, and tips
  • Leveraging and creating threat intelligence for your organization

Free to attend for OASIS members. View Recording here.

OCA Event

Can ‘best of breed’ security tools be orchestrated?

Most organizations are struggling with security complexity, underutilized tools, too many alerts, and too few resources – in an environment where cyberattacks are constantly increasing. At the time of acquisition, your team believed that each ‘best of breed’ tool was the solution to the precise problem. Before you knew it, most enterprises have one or more SIEM, SOAR, EDR, MDR, NDR, CDR, and/or XDR products in the environment. Increasing the number of tools led to diminishing tool performance, not due to misrepresentation from tool manufacturer but mostly because of limited or no interoperability. While each of these solutions has a purpose, it is important to understand the big picture of SOC operations to see how these individual jigsaw pieces come together to solve the puzzle.

Join us for a panel discussion on March 16, with industry analyst Fran Howarth, Security practice leader at Bloor Research, and other cybersecurity experts as they share practical guidance on what SOC operations teams can do to better protect themselves by orchestrating and interoperating new and existing cyber tools.

OCA Event

RSA Conference 2022

OCA Breakfast BoF / CSAF-VEX Session

RSA Conference is where the cybersecurity world comes together. For four days, you’ll gain insights, join conversations and experience solutions that could make a huge impact on your organization and your career. RSA Conference itself is transforming, too. We’re excited to be back in San Francisco, but we’re just as excited to offer a digital option as well. However you experience RSAC 2022, you’ll come away with knowledge and insights that will spark ideas and help you make the game-changing decisions that will transform the way you protect the world from threats.

Event will be held in-person. Members can use our OASIS code – 12UOASISFD – to receive an extra $150 off the conference rate. Direct link to discount.

Check out the Secure Supply Chain through Automation – with CSAF, VEX and SBOM session on Tuesday, 7 June 2:25 PM – 3:15 PM PT. View slide presentation here.

All are welcome to join us for an Open Cybersecurity Alliance Breakfast BoF on Wednesday, 8 June from 8:00-9:30 AM PDT.

OASIS Virtual Event

Indicators of Behaviour: How Can We Communicate and Collaborate on Them

During this first “OCA Community Forum,” we’ll tackle the topic of Indicators of Behaviour or IoBs. OCA Board Co-Chair, Jason Keirstead of IBM, will be joined by Lodrina Cherne from Cybereason to review:

  • What is an IoB, and how it differs from an Indicators of Attack (IoA) and Indicators of Compromise (IoC)?
  • How can (and should) an IoB be used by security practitioners, what outcomes are they used for?
  • Whether cybersecurity products should exchange IoBs? Assuming so, how would and should that work?
  • How the Open Cybersecurity Alliance plans to formulate a point of view around them.
OASIS Virtual Event

New Project Joins Budding Open Cybersecurity Ecosystem — NIST SCAP v2

Over the last year, the Open Cybersecurity Alliance (OCA) has been working to develop open source content, code, tooling, practices, and patterns that will improve the interoperability of cybersecurity solutions and help solve security complexity and redundancy for clients. During this webinar your hear an update on how OCA is progressing on product interoperability. In addition, OCA just accepted a third project from NIST. This project, the SCAP (Security Content Automation Protocol) Data Collection Prototype, was highlighted as it joins current projects STIXShifter and OpenDXL Ontology.

This is an opportunity for you to learn how OCA plans to bring interoperability across these projects and associated products. With a draft architecture defined, now is the time to learn how you can join in and help the Alliance evolve our architecture and projects.

No results with the selected filters