Subscribe to the new OCA Community Connect Podcast. The podcast is an invitation to tune in, engage with the content, and join us in our mission to create a more secure, integrated, and collaborative cybersecurity ecosystem.
Kestrel as a Service
The Open Cybersecurity Alliance (OCA) is excited to announce the next milestone of the Kestrel subproject, Kestrel as a Service (KaaS). KaaS enables threat hunting at scale to improve threat detection. It is a Kestrel container and a deployable cloud-managed hunting service for large organizations. The project provides the code and instructions for deploying a […]
Kestrel provides a layer of abstraction to compose hunt-flows with standard hunt steps that run across many data sources and data types. This blog gives an overview of how data is retrieved, processed, and stored in Kestrel, and explains the 10x data retrieval performance improvement through Kestrel 1.5, 1.6, and 1.7.
In conjunction with RSAC, the Open Cybersecurity Alliance (OCA) hosted a breakfast event on Wednesday, 26 April. With over 200 people signed up, the meeting was a mix of short presentations and lively discussions. Here are a few impressions from the event. If you are interested in learning more about OCA, or would like to get involved, you can find links […]
The OCA Indicators of Behavior (IOB) Project works to represent patterns of behavior associated with malicious cyber activity. Check out the overview video.
Given the dramatic rise in the number of cybersecurity attacks in recent years, threat hunting is very important for securing businesses and enterprises. This post discusses a new approach to detecting lateral movement and shows how this approach can be applied to data read using STIX-Shifter in the Kestrel threat hunting platform.