First Open-Source Cybersecurity Language Released

The Open Cybersecurity Alliance (OSA) announced the release of a new, open-source standard that allows for communication between cybersecurity tools. The language, termed the OpenDXL Ontology, is a freely available framework that enables cybersecurity manufacturers to code messaging capabilities within their products. Other cybersecurity tools can receive these messages without a need for conversion. The elimination of the need for custom integrations between utilities is a significant milestone in the OCA’s journey to develop greater interoperability across the industry.

Committee Established for Language

As with all languages, there must be a centralized board to deal with its administration, and the OCA has developed one to work alongside the evolution of the OpenDXL Ontology. The Technical Steering Committee incorporates companies including Tripwire, Packet Clearinghouse, McAfee, and larger contributors such as IBM Security and AT&T. The aim of establishing this language is to give cybersecurity teams a more flexible way of engaging with utilities and tools. With more connected devices and wider adoption of IoT across the industry, there is a need for a more seamless operation of cybersecurity tools.

Understanding the OpenDXL Ontology

The Open Data Exchange Layer (OpenDXL) serves as a messaging framework that already forms a part of over 4,100 enterprises and vendors methods to share and develop integrations with other utilities. OpenDXL Ontology is a single, centralized standard information, actions, and notifications between services that use the OpenDXL system. The aim is to provide a language that is device-independent and is freely available to all manufacturers to encourage them to incorporate it into their cybersecurity tools. With the removal of custom integrations, cybersecurity teams now have the option of adopting any utilities they believe can help them secure their company’s network.

The united front presented by the OpenDXL Ontology allows for secure transfer of information between devices and subsystems within a cybersecurity network. Messages that trigger remediation, or warn of incoming threats can quickly be sent to every device regardless of their manufacturer. This development could be a bold innovation for the field of cybersecurity.