I-OCSF, iphrojekthi yomthombo ovulekile ngokubambisana ne-AWS, i-Splunk nezinye izinkampani ukuthola nokubhekana nokuhlaselwa kwe-cyber

Vula i-Cybersecurity Schema Framework noma eyaziwa kangcono ngesifinyezo sayo I-"OCSF" iphrojekthi entsha lokho kuzalwa esandleni se-AWS kanye ne-Splunk. Lolu hlaka olusha lukubuchwepheshe isofthiwe ekhona yomthombo ovulekile eyaziwa nge-ICD I-Schema, yona eyadalwa yiyunithi ye-Broadcom's Symantec cybersecurity.

Iphrojekthi ye-OCSF yethulwe kuBlack Hat USA 2022 futhi inhloso yayo enkulu ukusiza izinhlangano ukuthi zithole, ziphenye futhi zimise ukuhlasela ku-inthanethi ngokushesha nangempumelelo kakhudlwana.

I-OCSF ihlanganisa iminikelo evela kumalungu okuqala ayi-15 kuhlanganise Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, kanye neZscaler. Wonke amalungu omphakathi we-cybersecurity amenywa ukuthi asebenzise futhi anikele ku-OCSF.

Kusimo sezokuphepha esishintsha njalo, ochwepheshe bezokuphepha kufanele bahlale beqapha, bathole, baphendule, futhi banciphise izinkinga zokuphepha ezikhona nezintsha. Ukwenza kanjalo, amathimba okuvikela kufanele akwazi ukuhlaziya idatha yelogi ehambisana nokuvikeleka kanye ne-telemetry esebenzisa amathuluzi amaningi, ubuchwepheshe, nabathengisi. Imvelo eyinkimbinkimbi neyinkimbinkimbi yalo msebenzi inyusa izindleko futhi ingabambezela ukutholwa nezikhathi zokuphendula. Umgomo wethu uwukusungula izinto ezintsha egameni lamakhasimende ethu ukuze akwazi ukuhlaziya ngokushesha futhi avikele indawo yawo lapho kuphakama isidingo.

Ngalowo mgomo engqondweni, kanye nezinhlangano ezimbalwa zozakwethu, siyajabula ukumemezela ukwethulwa kwephrojekthi ye-Open Cybersecurity Schema Framework (OCSF), ehlanganisa ukucaciswa okuvulekile kokumiswa kwe-telemetry yokuvikela enhlobonhlobo yemikhiqizo nezinsizakalo zokuphepha. ukuphepha, kanye namathuluzi omthombo ovulekile asekela futhi asheshisa ukusetshenziswa kohlelo lwe-OCSF. 

Mayelana ne-OCSF

I-OCSF iyindinganiso evulekile ukuthi ingamukelwa kunoma iyiphi indawo, isicelo noma umhlinzeki yezixazululo kanye ihambisana namazinga nezinqubo zokuphepha ezikhona. Njengoba abahlinzeki bezixazululo ze-cybersecurity beshumeka izindinganiso ze-OCSF emikhiqizweni yabo, ukumisa idatha yokuphepha kuzoba lula futhi kungabi umthwalo emaqenjini okuvikela.

Ukwamukela i-OCSF kuzovumela amaqembu ezokuphepha ukuthi akhulise ukugxila ekuhlaziyweni kwedatha, ukuhlonza izinsongo, nokuvikela izinhlangano zabo ekuhlaselweni ku-inthanethi.

I-OCSF ifuna ukusiza izinhlangano ukuthi ziphendule ekuhlaselweni ku-inthanethi ngempumelelo kakhulu ngokwenza kube lula isici esisodwa esiyinkimbinkimbi kakhulu somsebenzi: ukuphathwa kwedatha. Ikakhulukazi, iphrojekthi yakhelwe ukwenza lula inqubo yokucubungula idatha ekuhlaselweni kwe-cyber.

Izinhlangano ngokuvamile azisebenzisi elilodwa, kodwa amathuluzi amaningana we-cybersecurity ukuthola imisebenzi enonya kumanethiwekhi azo. Ngokuvamile kuyasiza ukwabelana ngedatha phakathi kwalawo mathuluzi. Isibonelo, uma ithimba le-cybersecurity lisebenzisa izinhlelo zokusebenza ezimbili ezihlukene ukuze liphenye imizamo yokugebenga, lingase lifune ukwabelana ngolwazi lobuchwepheshe mayelana nomsebenzi wenethiwekhi enonya phakathi kwalezo zinhlelo zokusebenza ezimbili.

Okwamanje ihambisa idatha ukusuka kwelinye ithuluzi le-cybersecurity kuya kwelinye njalo kudinga inani elikhulu lomsebenzi wezandla. Isizathu siwukuthi amathuluzi ahlukene avame ukugcina idatha ngamafomethi ahlukene. Njengomphumela, lapho idathasethi ihanjiswa phakathi kwamathuluzi e-cybersecurity, abalawuli kufanele baguqule mathupha ifomethi yedathasethi.

I-OCSF ihlose ukwenza umsebenzi ube lula. Ngokusho kwabaxhasi bomklamo, yakhelwe ukuhlinzeka ngezinga elivamile lomthombo ovulekile ukuhlela ulwazi lwe-cybersecurity. Uma amathuluzi amabili e-cybersecurity egcina idatha ngefomethi efanayo, abalawuli bangahambisa idatha phakathi kwabo ngaphandle kokuyilungisa mathupha kuqala, konga isikhathi.

Ukushintsha ifomethi yesethi yedatha ngokuvamile kudinga amathuluzi esofthiwe akhethekile. Ngenxa yokuthi inqubo ingabandakanya inani elibalulekile lomsebenzi wezandla, kukhona futhi ingozi yephutha lomuntu.

I-OCSF ihlinzeka ngendlela ejwayelekile yokuchaza umzamo wokugebenga, njengoba icacisa ukuthi iyiphi idatha ekhomba ithuluzi le-cybersecurity okufanele linikeze mayelana nomzamo wokugebenga, kanye nokuthi lawo maphuzu edatha kufanele afomethwe kanjani. Izinhlangano zingakwazi ukukhetha ngendlela oyifisayo i-OCSF uma izidingo zazo zidlulela ngale kwesethi yesici esiyinhloko sohlaka.

Okokugcina uma unentshisekelo yokwazi kabanzi ngakho, kufanele wazi ukuthi abaxhasi bephrojekthi ye-OCSF bakhiphe ikhodi yohlaka ku-GitHub ngaphansi kwelayisensi yomthombo ovulekile.


Okuqukethwe yi-athikili kunamathela ezimisweni zethu ze izimiso zokuhlelela. Ukubika iphutha chofoza lapha.

Yiba ngowokuqala ukuphawula

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe.

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.