We’re Making Standards-Based, Interoperable Cybersecurity a Reality.

OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, we’re simplifying integration across the threat lifecycle. Join our community.

Learn

Find out what OCA is doing to increase your security efficiency and effectiveness.

See New Posts

Discuss

Share your questions, concerns, and ideas for cybersecurity interoperability.

Join Us On Slack

Contribute

Be part of the open, diverse community that is the OCA. Everyone is welcome.

Get Involved

Watch the video

Watch more OCA Videos

Benefits

Unlike industry-specific platforms for sharing threat data, OCA is uniquely focused on product interoperability, with benefits for the entire cybersecurity community:

Security Vendors can:

Increase integration exposure and reduce engineering
Leverage open source connectors and add value to your products
Deliver more robust data integrations
Allow clients to extract more value from your tools

Security Practitioners can:

Share information, analytics, and orchestrated response between products
Discover critical insights and findings you’re missing now
Avoid buying unnecessary tools
Free yourself from vendor lock-in

OCA Sub-Projects and Working Groups

OCA advances a growing body of open source projects and working groups.

Kestrel

Threat Hunting Language

Provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt.

STIX Shifter

Patterning Library

Allows data to be normalized across domains for comprehensive security analysis

PACE

Posture Attribute Collection and Evaluation

Automating the collection and evaluation of security posture attributes from computing resources.

Indicators of Behavior Sharing

Working Group

Focused on the challenge of moving detections to Indicators of Behavior, and how to collaborate on, share IoB based detections between products and tool

Zero Trust Architecture

Working Group

Working to create and further refine OCA technologies to enable a Zero Trust architecture.

OCA Ontology

Working Group

Creating a unified ontology for cybersecurity information in order to have standard ways of encoding information on data fabrics, APIs, etc.

About

An OASIS Open Project, OCA operates under an inclusive, fair process that assures secure licensing and a path for recognition in international policy and procurement.

Mission

Our goal is interoperability across cybersecurity products. We’re not another data sharing platform.

Governance

Developers, corporate supporters, and technology consumers all have a voice in decision-making.

Meet our Leadership

We’re Making Standards-Based, Interoperable Cybersecurity a Reality.

OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Using community-developed standards and practices, we’re simplifying integration across the threat lifecycle. Join our community.

Learn

Discuss

Contribute

Benefits

Unlike industry-specific platforms for sharing threat data, OCA is uniquely focused on product interoperability, with benefits for the entire cybersecurity community:

Security Vendors can:

Security Practitioners can:

OCA Sub-Projects and Working Groups

OCA advances a growing body of open source projects and working groups.

Kestrel

STIX Shifter

PACE

Indicators of Behavior Sharing

Zero Trust Architecture

OCA Ontology

About

An OASIS Open Project, OCA operates under an inclusive, fair process that assures secure licensing and a path for recognition in international policy and procurement.

Mission

Governance

Sponsors

Get in touch

Contact us for more details about sponsorship or to learn more about the Open Cybersecurity Alliance.