Skip to content

ocsf/ocsf.github.io

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Welcome to OCSF

The Open Cybersecurity Schema Framework is an open-source project, delivering an extensible framework for developing schemas, along with a vendor-agnostic core security schema. Vendors and other data producers can adopt and extend the schema for their specific domains. Data engineers can map differing schemas to help security teams simplify data ingestion and normalization, so that data scientists and analysts can work with a common language for threat detection and investigation. The goal is to provide an open standard, adopted in any environment, application, or solution, while complementing existing security standards and processes.

Overview

The framework is made up of a set of data types, an attribute dictionary, and the taxonomy. It is not restricted to the cybersecurity domain nor to events, however the initial focus of the framework has been a schema for cybersecurity events. OCSF is agnostic to storage format, data collection and ETL processes. The core schema for cybersecurity events is intended to be agnostic to implementations. The schema framework definition files and the resulting normative schema are written as JSON.

Refer to the white paper Understanding the Open Cybersecurity Schema Framework for an introduction to the framework and schema. A schema browser for the cybersecurity schema can be found at OCSF Schema, where the user can easily navigate the schema, apply profiles and extensions, and browse the attributes, objects and event classes.

FAQ

We are maintaining a list of FAQs here.

Contributors

OCSF has a Steering Committee and Maintainers in addtion to Contributors. Interested in contributing to the OCSF project? Please check out the documentation on how in the OCSF Contribution Guide file.

List of Contributing Organizations

Slack Workspace

The project has a Slack workspace where contributors discuss issues and topics. If you would like to be invited to join, send an email to [email protected]. Tell us about interests and introduce yourself to the group after you accept an invite.

License

OCSF is licensed under the Apache License 2.0. Check out the LICENSE file to understand the requirements to use the artifacts of the project.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages