Vula iCybersecurity Schema Framework okanye eyaziwa ngcono ngesifinyezo sayo «OCSF» yiprojekthi entsha leyo izalwa kwisandla se-AWS kunye ne-Splunk. Esi sikhokelo sitsha sikubuchwephesha isoftware ekhoyo evulelekileyo eyaziwa ngokuba yi-ICD I-Schema, eyathi yona yadalwa yiyunithi yokhuseleko lwe-cybersecurity ye-Broadcom ye-Broadcom.
Iprojekthi ye-OCSF yaboniswa kwi-Black Hat USA 2022 kunye nenjongo yayo ephambili kukunceda imibutho ibone, iphande kwaye iyeke uhlaselo lwe-cyber ngokukhawuleza nangempumelelo.
I-OCSF ibandakanya iminikelo evela kumalungu okuqala ali-15 kuquka Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, kunye neZscaler. Onke amalungu oluntu lwe-cybersecurity ayamenywa ukuba asebenzise kwaye abe negalelo kwi-OCSF.
Kwimeko yokhuseleko yanamhlanje ehlala itshintsha, iingcali zokhuseleko kufuneka ziqhubeke zibeke iliso, zibhaqe, ziphendule, kwaye zithobe imiba esele ikho kunye nemitsha yokhuseleko. Ukwenza njalo, amaqela okhuseleko kufuneka akwazi ukuhlalutya idatha yelogi ehambelana nokhuseleko kunye nedatha ye-telemetry usebenzisa izixhobo ezininzi, itekhnoloji kunye nabathengisi. Ubume obuntsonkothileyo kunye nobuxakaxaka balo msebenzi bonyusa iindleko kwaye bunokucothisa ukubonwa kunye namaxesha okuphendula. Umsebenzi wethu kukwenza izinto ezintsha egameni labathengi bethu ukuze bakwazi ukuhlalutya ngokukhawuleza kwaye bakhusele okusingqongileyo xa kukho imfuneko.
Unaloo njongo engqondweni, kunye nemibutho eliqela yamaqabane, siyakuvuyela ukubhengeza ukusungulwa kweprojekthi ye-Open Cybersecurity Schema Framework (OCSF), ebandakanya ukucaciswa okuvulekileyo kokubekwa emgangathweni kwe-telemetry yokhuseleko kuluhlu olubanzi lweemveliso kunye neenkonzo zokhuseleko. Ukhuseleko, kunye nezixhobo ezivulelekileyo ezixhasa kwaye zikhawulezise ukusetyenziswa kwenkqubo ye-OCSF.
Malunga ne-OCSF
I-OCSF ngumgangatho ovulekileyo inokwamkelwa kuyo nayiphi na imeko, isicelo okanye umboneleli yezisombululo kunye ihambelana nemigangatho ekhoyo yokhuseleko kunye neenkqubo. Njengoko ababoneleli besisombululo se-cybersecurity bebethelela imigangatho ye-OCSF kwiimveliso zabo, ukulinganisa idatha yokhuseleko kuya kuba lula kwaye kungabi ngumthwalo kumaqela okhuseleko.
Ukwamkela i-OCSF kuya kwenza amaqela okhuseleko akhulise ukugxila kuhlalutyo lwedatha, ukuchongwa kwesoyikiso, kunye nokukhusela imibutho yabo kuhlaselo lwe-cyber.
I-OCSF ifuna ukunceda imibutho iphendule kuhlaselo lwe-cyber ngempumelelo ngakumbi ngokwenza lula enye yezona nkalo zinzima kakhulu zomsebenzi: ulawulo lwedatha. Ngokukodwa, iprojekthi yenzelwe ukulungelelanisa inkqubo yokucubungula idatha ekuhlaselweni kwe-cyber.
Imibutho ihlala ingasebenzisi enye, kodwa izixhobo ezininzi ze-cybersecurity ukubona izinto ezingalunganga kuthungelwano. Kudla ngokuba luncedo ukwabelana ngedatha phakathi kwezo zixhobo. Umzekelo, ukuba iqela le-cybersecurity lisebenzisa iinkqubo ezimbini ezahlukeneyo ukuphanda iinzame zokugqekeza, banokufuna ukwabelana ngolwazi lobugcisa malunga nomsebenzi wenethiwekhi onobungozi phakathi kwezo zicelo zimbini.
Ngoku ihambisa idatha ukusuka kwesinye isixhobo sokhuseleko lwe-cybersecurity ukuya kwesinye rhoqo kufuna isixa esibalulekileyo somsebenzi wezandla. Isizathu kukuba izixhobo ezahlukeneyo zihlala zigcina idatha kwiifomathi ezahlukeneyo. Ngenxa yoko, xa i-dataset ihanjiswa phakathi kwezixhobo ze-cybersecurity, abalawuli kufuneka batshintshe ngesandla ifomathi yedatha.
I-OCSF ijonge ukuwenza lula umsebenzi. Ngokutsho kwabaxhasi beprojekthi, yenzelwe ukunika umgangatho oqhelekileyo womthombo ovulekileyo ukulungelelanisa ulwazi lwe-cybersecurity. Ukuba izixhobo ezimbini ze-cybersecurity zigcina idatha kwifomathi efanayo, abalawuli banokuhambisa idatha phakathi kwabo ngaphandle kokuyilungisa ngesandla kuqala, ukugcina ixesha.
Ukutshintsha ifomathi yeseti yedatha kufuna izixhobo ezikhethekileyo zesoftware. Ngenxa yokuba inkqubo inokubandakanya inani elikhulu lomsebenzi wezandla, kukho umngcipheko wephutha lomntu.
I-OCSF ibonelela ngendlela esemgangathweni yokuchaza umzamo wokukhwabanisa, njengoko ichaza ukuba zeziphi iingongoma zedatha isixhobo sokhuseleko lwe-cybersecurity kufuneka sinikezele malunga nomzamo wokukhwabanisa, kunye nendlela loo manqaku edatha afanele afomathwe ngayo. Imibutho inokuzikhethela i-OCSF ukuba iimfuno zayo zidlulela ngaphaya kweseti engundoqo yesakhelo.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo, kuya kufuneka wazi ukuba abaxhasi beprojekthi ye-OCSF bakhuphe ikhowudi yesakhelo kwi-GitHub phantsi kwelayisensi yomthombo ovulekileyo.