STIX Shifter - March 2023

01/30/24 • 3 min

In this episode of OCA Community Connect, our guest Danny Elliott, a senior product owner for UDI and CAR integrations at IBM Security, gives us an inside look into the STIX Shifter project. He explains how this Python library facilitates data retrieval from various security products and data repositories using STIX Patterning. Once the data is found it transforms the results into STIX Observables. Danny also highlights the project's ongoing need for new connectors and domain expertise to enhance existing integrations. Stay tuned to learn more about the importance and impact of the STIX Shifter project in the world of cybersecurity.

Reference Links:

Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/

Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityalliance

Open Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg

Share Your Ideas & Guest Suggestions!

Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.

How to Contribute:

Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.

Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!

Reference Links:

Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/

Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityalliance

Open Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg

Share Your Ideas & Guest Suggestions!

Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.

How to Contribute:

Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.

Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!

Previous Episode

Indicators of Behavior (IoB) - Feb 2023

In this podcast episode, Charles Frick, a Chief Scientist at Johns Hopkins University Applied Physics Laboratory, discusses the Indicators of Behavior (IOB) subproject under the Open Cybersecurity Alliance. He explains the need for open standards to represent cyber adversary behaviors, aiming to share detections with longer shelf lives than current Indicators of Compromise (IOCs). Charles also emphasizes the importance of automation in cybersecurity to keep pace with adversaries and calls for community involvement to improve reference implementations, partner with other initiatives, and contribute to the project's GitHub repository. He invites feedback, collaboration, and volunteer efforts to advance the project's goals.

Blog on Indicators of Behavior (IOB)

https://opencybersecurityalliance.org/introducing-the-indicators-of-behavior-iob-sub-project/

Reference Links:

Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/

Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityalliance

Open Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg

Share Your Ideas & Guest Suggestions!

Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.

How to Contribute:

Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.

Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!

Next Episode

RSA 2023 USA Teaser - April 2023

Jason Keirstead, a Distinguished Engineer with IBM and the CTO of Threat Management, discusses the importance of the Open Cybersecurity Alliance (OCA) in addressing the problem of interoperability in cybersecurity. He explains that the lack of common ways to integrate cybersecurity products has led to inefficiencies and high costs for vendors and consumers. The OCA aims to improve interoperability, reduce friction, and lower integration costs by promoting open collaboration and sharing of source code. JK emphasizes the need for collective defense and collaboration in the industry to effectively counter threat actors. He also mentions the upcoming OCA breakfast event at RSA 2023 USA, where new initiatives related to XDR and application security will be announced.

Reference Links:

Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/

Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityalliance

Open Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg

Share Your Ideas & Guest Suggestions!

Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.

How to Contribute:

Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.

Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!