We’re Making Standards-Based, Interoperable Cybersecurity a Reality.

OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, we’re simplifying integration across the threat lifecycle. Join our community.

Learn

Find out what OCA is doing to increase your security efficiency and effectiveness.

See New Posts

Discuss

Share your questions, concerns, and ideas for cybersecurity interoperability.

Join Us On Slack

Contribute

Be part of the open, diverse community that is the OCA. Everyone is welcome.

Get Involved

Watch the video

Watch more OCA Videos

Benefits

Unlike industry-specific platforms for sharing threat data, OCA is uniquely focused on product interoperability, with benefits for the entire cybersecurity community:

Security Vendors can:

  • Increase integration exposure and reduce engineering
  • Leverage open source connectors and add value to your products
  • Deliver more robust data integrations
  • Allow clients to extract more value from your tools

Security Practitioners can:

  • Share information, analytics, and orchestrated response between products
  • Discover critical insights and findings you’re missing now
  • Avoid buying unnecessary tools
  • Free yourself from vendor lock-in

Projects

OCA advances a growing body of open source projects.

Kestrel

Kestrel

Threat Hunting Language

Provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt.
STIX Shifter

STIX Shifter

Patterning Library

Allows data to be normalized across domains for comprehensive security analysis
OpenDXL Ontology

OpenDXL Ontology

Messaging Format

Enables real-time data exchange and cross-vendor orchestration
NIST SCAP v2

NIST SCAP v2

Data Collection Architecture

Supports continuous monitoring for tracking assets' policy compliance
PACE

PACE

Posture Attribute Collection and Evaluation

Automating the collection and evaluation of security posture attributes from computing resources.

About

An OASIS Open Project, OCA operates under an inclusive, fair process that assures secure licensing and a path for recognition in international policy and procurement.

Person3

Mission

Our goal is interoperability across cybersecurity products. We’re not another data sharing platform.

Read More

Person1

Governance

Developers, corporate supporters, and technology consumers all have a voice in decision-making.

Meet our Leadership

Person2

Sponsors

Leading cybersecurity vendors, enterprises, and nonprofits from around the world back the OCA.

Join Us

Get in touch

Contact us for more details about sponsorship, or to learn more about the Alliance.