Filtra per genere
Welcome to 'Community Connect,' this is the space where we dive into the benefits of seamlessly integrating security products using open source software and standards, all with the goal of fostering a more interoperable security ecosystem. In each episode, we'll embark on a journey into the heart of the OCA community, engaging in insightful conversations with the individuals who are actively shaping the open source security landscape. Expect to stay up-to-date with the very latest developments, as we bring you exciting news, updates, and a closer look at the sub-projects that are steering the course of future security tooling. So, whether you're an experienced contributor, a curious developer, or simply someone with a profound commitment to securing our digital realm, this podcast is your go-to destination. Together, we'll drive innovation, elevate security standards, and contribute to a safer world. Host info: Roseann Guttierrez is your host. A cybersecurity professional with over two decades of experience. Specializing in computer forensics, digital investigation, and critical infrastructure. As the voice of the podcast, she embodies the spirit of a cybersecurity superhero, dedicated to forging alliances that enhance security across the digital realm.
- 10 - STIX Shifter - March 2024
In this episode of OCA Community Connect, we speak with Md Saroer-E Azam, a software developer at IBM and a key maintainer/contributor to STIX Shifter. The focus of today's discussion is the STIX Shifter project, an open-source python library designed to facilitate the connection and querying of diverse data sources no matter where they reside. It does this using STIX patterning and returning the results as STIX cyber observable objects.
Azam sheds light on the intricacies and challenges of developing and maintaining an open-source project while working for a commercial company. His insights offer valuable perspectives on the critical aspects of community engagement, documentation, code quality, compatibility, and security, which are crucial elements in ensuring the sustainability and growth of an open source project.
The episode delves into the potential directions for STIX Shifter's future, including expanding data source support and the need for greater volunteer contributions to drive its evolution. Join us as we explore the driving forces behind STIX Shifter and it potential for enhancing the cybersecurity ecosystem.
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
- Topics: Tell us what you’re curious about in the cybersecurity world.
- Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Thu, 21 Mar 2024 - 9 - CACAO Roaster - Feb 2024
Welcome back to OCA Community Connect, your source for all things related to the Open Cybersecurity Alliance. In today's episode, we have the pleasure of speaking with Vasilios Mavroeidis, a cybersecurity professor at the University of Oslo and a member of the OCA governing board. So, join us as Vasilios Mavroeidis shares his expertise and insights into the world of cybersecurity standards, offering a compelling look into the innovative CACAO roaster subproject and its potential to shape the future of cybersecurity operations.
This project aims to expand on the CACAO standard by providing an application that enables defenders to effectively design, sign, exchange and utilize playbooks. Vasilios advocates for the importance of this subproject, highlighting its potential to enhance the capacity of security operation centers, particularly for national security authorities and operators of essential services.
Throughout our conversation, Vasilios emphasizes the significance of community involvement in the project's development. He expresses the need for contributions from the wider cybersecurity community to improve the project, expand its capabilities, and create a valuable knowledge base of playbooks. Vasilios also delves into the potential for automation and the broad impact that the CACAO standard and in turn, the Roaster subproject could have on the field of cybersecurity.
- - -
**Episode Specific References**
OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security
https://groups.oasis-open.org/communities/tc-community-home2?CommunityKey=b75cccb8-adc6-4de5-8b99-018dc7d322b6
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Mon, 04 Mar 2024 - 8 - OCA 2023 Highlights - Jan 2024
Welcome back to another insightful episode of OCA Community Connect. Today, our host Roseann Guttierrez engages in a compelling conversation with Mark Mastrangeli, the cloud engagement director at Palo Alto Networks and co-chair of the OCA Project Governing Board (PGB). Mark shares his remarkable journey into the tech industry and the pivotal role he plays in advocating for collaboration and interoperability in the cybersecurity domain.
In this episode, Mark deep dives into the significant achievements of OCA in 2023. He sheds light on the launch of two projects - the Open XDR architecture and the Indicator of Behavior project, both aimed at driving innovation and enhancing cyber defense capabilities. Furthermore, Mark underscores the successful launch of the CACAO Roaster playbook editor, a project that promises to simplify the creation of playbooks for organizations.
Looking ahead to 2024, Mark unveils OCA's vision to expand its reach and bring different cybersecurity communities together. He emphasizes the mission to develop more inclusive and accessible solutions by fostering collaboration and interoperability. As the community aims to serve as an ecosystem of ecosystems, this episode gives a glimpse into the future of cybersecurity and the pivotal role that OCA is set to play in shaping it.
- - -
**Episode Specific References**
MITRE Security Automation Framework (SAF)
https://saf.mitre.org/Open Cybersecurity Schema Framework (OCSF)
https://docs.aws.amazon.com/security-lake/latest/userguide/open-cybersecurity-schema-framework.htmlVulnerability Exploitability eXchange (VEX)
https://www.cisa.gov/resources-tools/resources/minimum-requirements-vulnerability-exploitability-exchange-vexBorderless Cyber - OAISIS Open
https://borderlesscyber2023.oasis-open.org/- - -
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 14 Feb 2024 - 7 - Kestrel as a Service (KaaS) - Nov 2023
Welcome to another fascinating episode of OCA Community Connect! In this installment, our host, Roseann Guttierrez, engages in an insightful conversation with Kenneth Peeples, a principal cybersecurity architect at Red Hat, to unravel the ins and outs of the cutting-edge Kestrel as a Service (KaaS) project. As Kenneth shares the nitty-gritty details of KaaS, he paints a vivid picture of a platform designed for crowd hunting and threat collaboration, with a focus on enhancing the speed of detecting cyber threats. Delving deeper, he opens up about the personal significance of the project, tying it back to his profound passion for security and the inspiration he draws from his parents. Moreover, he sheds light on the vital role of community involvement in propelling the Kestrel as a Service platform forward, emphasizing the need for collaboration and contributions. Through this engaging conversation, we gain invaluable insights into the complexities and potential of Kestrel as a Service, as well as the pivotal role of open source collaboration in the dynamic landscape of cybersecurity. So, tune in and join us on this illuminating journey through the world of Kestrel as a Service!
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 14 Feb 2024 - 6 - Open XDR Architecture (OXA) - July 2023
In this episode of OCA Community Connect, we delve into the world of Open XDR Architecture (OXA) with our guest, David Bizeul, the co-founder and chief scientific officer of Sequoia IO. David provides an in-depth look at OXA, its significance, and the impact it has on the cybersecurity community. He emphasizes the importance of preserving expert resources, placing technology ownership on vendors, and raising the bar against attacks using CTI dissemination. Join us as we explore the potential of Open XDR Architecture and how the community's involvement is crucial for its success. Listen in for an engaging discussion and the various opportunities for participation and contribution.
*** NOTE: This episode had slides related to the discussion that can be found on this link ***
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 14 Feb 2024 - 5 - Cybersecurity Automation Sub Project (CASP) and Village - June 2023
In this episode of OCA Community Connect, we have the pleasure of welcoming Duncan Sparrell, chief cyber curmudgeon of sFractal Consulting LLC, and OASIS Board member. Duncan gives us a glimpse into the Cybersecurity Automation Sub-Project (CASP) and also shares information on the recent cybersecurity automation village event, providing highlights and detailing the scenarios that were addressed and discussed. He emphasizes the importance of automation in kicking hackers out of systems quickly. The conversation concludes with a discussion on upcoming events, including a meet-up at the borderless cyber event in London and a two-day event planned for early 2024.
The next CASP event will be a 2-day Cybersecurity Automation Village in Virginia in April,2024. For more info, see Next Village and participate in the CASP mailing list.
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 14 Feb 2024 - 4 - Kestrel - May 2023
In this episode of OCA Community Connect, our host Roseann Guttierrez sits down with Xiaokui Shu, a senior research scientist from IBM and chair of the OCA technical steering committee, to delve into the world of cybersecurity and the Kestrel subproject. Xiaokui provides an insightful overview of Kestrel as a threat hunting language aimed at streamlining the process of identifying and addressing potential security threats. He shares the project's fascinating journey, from its inception in a DARPA program to its evolution into an open-source initiative at IBM. Xiaokui also sheds light on the challenges the Kestrel project currently faces and offers listeners the opportunity to join the conversation through the OCA Slack Space and the dedicated Kestrel channel. Whether you're a cybersecurity enthusiast or simply curious about the cutting-edge developments in threat detection, this episode provides an engaging look at the Kestrel project and how you can be a part of its ongoing growth and innovation.
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgCCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
October 2018 Pages 1883–1898
https://doi.org/10.1145/3243734.3243829Share Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 14 Feb 2024 - 3 - RSA 2023 USA Teaser - April 2023
Jason Keirstead, a Distinguished Engineer with IBM and the CTO of Threat Management, discusses the importance of the Open Cybersecurity Alliance (OCA) in addressing the problem of interoperability in cybersecurity. He explains that the lack of common ways to integrate cybersecurity products has led to inefficiencies and high costs for vendors and consumers. The OCA aims to improve interoperability, reduce friction, and lower integration costs by promoting open collaboration and sharing of source code. JK emphasizes the need for collective defense and collaboration in the industry to effectively counter threat actors. He also mentions the upcoming OCA breakfast event at RSA 2023 USA, where new initiatives related to XDR and application security will be announced.
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Tue, 13 Feb 2024 - 2 - STIX Shifter - March 2023
In this episode of OCA Community Connect, our guest Danny Elliott, a senior product owner for UDI and CAR integrations at IBM Security, gives us an inside look into the STIX Shifter project. He explains how this Python library facilitates data retrieval from various security products and data repositories using STIX Patterning. Once the data is found it transforms the results into STIX Observables. Danny also highlights the project's ongoing need for new connectors and domain expertise to enhance existing integrations. Stay tuned to learn more about the importance and impact of the STIX Shifter project in the world of cybersecurity.
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Tue, 30 Jan 2024 - 1 - Indicators of Behavior (IoB) - Feb 2023
In this podcast episode, Charles Frick, a Chief Scientist at Johns Hopkins University Applied Physics Laboratory, discusses the Indicators of Behavior (IOB) subproject under the Open Cybersecurity Alliance. He explains the need for open standards to represent cyber adversary behaviors, aiming to share detections with longer shelf lives than current Indicators of Compromise (IOCs). Charles also emphasizes the importance of automation in cybersecurity to keep pace with adversaries and calls for community involvement to improve reference implementations, partner with other initiatives, and contribute to the project's GitHub repository. He invites feedback, collaboration, and volunteer efforts to advance the project's goals.
Blog on Indicators of Behavior (IOB)
https://opencybersecurityalliance.org/introducing-the-indicators-of-behavior-iob-sub-project/
Reference Links:
Open Cybersecurity Alliance (OCA) website:
https://opencybersecurityalliance.org/Open Cybersecurity Alliance (OCA) GitHub
https://github.com/opencybersecurityallianceOpen Cybersecurity Alliance (OCA) YouTube
https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827CgShare Your Ideas & Guest Suggestions!
Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.
How to Contribute:
Topics: Tell us what you’re curious about in the cybersecurity world.
Guests: Know someone who’d be a great interview? We’d love to hear about them.Reach Out: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!
Wed, 24 Jan 2024
Podcast simili a <nome>
- Global News Podcast BBC World Service
- El Partidazo de COPE COPE
- Herrera en COPE COPE
- The Dan Bongino Show Cumulus Podcast Network | Dan Bongino
- Es la Mañana de Federico esRadio
- La Noche de Dieter esRadio
- Hondelatte Raconte - Christophe Hondelatte Europe 1
- Affaires sensibles France Inter
- La rosa de los vientos OndaCero
- Más de uno OndaCero
- La Zanzara Radio 24
- Espacio en blanco Radio Nacional
- Les Grosses Têtes RTL
- L'Heure Du Crime RTL
- El Larguero SER Podcast
- Nadie Sabe Nada SER Podcast
- SER Historia SER Podcast
- Todo Concostrina SER Podcast
- 安住紳一郎の日曜天国 TBS RADIO
- TED Talks Daily TED
- The Tucker Carlson Show Tucker Carlson Network
- 辛坊治郎 ズーム そこまで言うか! ニッポン放送
- 飯田浩司のOK! Cozy up! Podcast ニッポン放送
- 武田鉄矢・今朝の三枚おろし 文化放送PodcastQR