Security tools are fragmented, and to tackle any threat or breach, businesses have to rely on a number of tools. The open-source community has come together to design a new language framework, OpenDXL, to eliminate the gaps between different tools. Launched by the Open Cybersecurity Alliance (OCA), it is the first open-source language for connecting cybersecurity tools through common messaging platforms.
The OpenDXL Ontology aims to create a common language for better communication between cybersecurity tools and systems. The language will remove the need for custom integration between products; it even enables communication between endpoint systems, firewalls, and behavior monitors. Currently, most custom integrations result in gaps between tools with vendor-specific architectures and in a rise in fragmentation.
The Open Data Exchange Layer (OpenDXL) is an open messaging framework that is already being used by about 4,000 organizations to improve tool integration. It aims to provide a better sharing language to all security vendors, giving them one set of tooling that can be reused across various cybersecurity products.
The new language brings an additional benefit: its open-source framework and tooling remove the need to rework integrations when software versions or functionalities change. The OCA released a statement saying that if a certain tool detects a compromised device, it will automatically notify all the other tools about the device and quarantine the device using a standard messaging format. In the past, tools required custom messaging to improve communication between them.
The OCA was formed under OASIS in October 2019 and is led by IBM and McAfee. The cybersecurity consortium currently includes 26 businesses, among them several security vendors such as McAfee, CrowdStrike, and IBM. Newly added members include Armis, Recorded Future, Tripwire, and Gigamon.