According to the companies, that incompatibility can cause delays in understanding how a cyberattack unfolds because data from one device must be converted into a compatible format to work with another device. That could hamper analysis of underlying threat data, said Mark Ryland, a top cybersecurity executive at Amazon Web Services (AWS), Amazon’s cloud computing arm.
The new standard — called the Open Cybersecurity Schema Framework — was announced Tuesday at the Black Hat Cybersecurity conference in Las Vegas. The project is being led by AWS, cybersecurity firm Symantec and Splunk, a data analytics company.
“The OCSF initiative is truly unprecedented,” Erkong Zheng, CEO of cybersecurity firm JupiterOne, said in a release. “Normalizing data before consumption is one of the biggest pain points for security professionals, and the universal framework proposed by OCSF, driven by common domain knowledge across multiple security vendors, simplifies this time-consuming step, ultimately leading to better and stronger security for all.”