by Roseann Guttierrez
Welcome to 'Community Connect,' this is the space where we dive into the benefits of seamlessly integrating security products using open source software and standards, all with the goal of fostering a more interoperable security ecosystem. In each episode, we'll embark on a journey into the heart of the OCA community, engaging in insightful conversations with the individuals who are actively shaping the open source security landscape. Expect to stay up-to-date with the very latest developments, as we bring you exciting news, updates, and a closer look at the sub-projects that are steering the course of future security tooling. So, whether you're an experienced contributor, a curious developer, or simply someone with a profound commitment to securing our digital realm, this podcast is your go-to destination. Together, we'll drive innovation, elevate security standards, and contribute to a safer world. Host info: Roseann Guttierrez is your host. A cybersecurity professional with over two decades of experience. Specializing in computer forensics, digital investigation, and critical infrastructure. As the voice of the podcast, she embodies the spirit of a cybersecurity superhero, dedicated to forging alliances that enhance security across the digital realm.
Language
🇺🇲
Publishing Since
1/24/2024
Email Addresses
1 available
Phone Numbers
0 available
March 21, 2024
<p>In this episode of OCA Community Connect, we speak with Md Saroer-E Azam, a software developer at IBM and a key maintainer/contributor to STIX Shifter. The focus of today's discussion is the STIX Shifter project, an open-source python library designed to facilitate the connection and querying of diverse data sources no matter where they reside. It does this using STIX patterning and returning the results as STIX cyber observable objects.</p> <p>Azam sheds light on the intricacies and challenges of developing and maintaining an open-source project while working for a commercial company. His insights offer valuable perspectives on the critical aspects of community engagement, documentation, code quality, compatibility, and security, which are crucial elements in ensuring the sustainability and growth of an open source project.</p> <p>The episode delves into the potential directions for STIX Shifter's future, including expanding data source support and the need for greater volunteer contributions to drive its evolution. Join us as we explore the driving forces behind STIX Shifter and it potential for enhancing the cybersecurity ecosystem.</p> <hr /> <p><strong>Reference Links:</strong></p> <p><strong>Open Cybersecurity Alliance (OCA) website:</strong><br /> https://opencybersecurityalliance.org/</p> <p><strong>Open Cybersecurity Alliance (OCA) GitHub</strong><br /> https://github.com/opencybersecurityalliance</p> <p><strong>Open Cybersecurity Alliance (OCA) YouTube</strong><br /> https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg</p> <hr /> <p><strong>Share Your Ideas & Guest Suggestions!</strong></p> <p>Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.</p> <p><strong>How to Contribute:</strong></p> <p>- <strong>Topics:</strong> Tell us what you’re curious about in the cybersecurity world.<br /> - <strong>Guests:</strong> Know someone who’d be a great interview? We’d love to hear about them.</p> <p><strong>Reach Out:</strong> Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!</p>
March 4, 2024
<p>Welcome back to OCA Community Connect, your source for all things related to the Open Cybersecurity Alliance. In today's episode, we have the pleasure of speaking with Vasilios Mavroeidis, a cybersecurity professor at the University of Oslo and a member of the OCA governing board. So, join us as Vasilios Mavroeidis shares his expertise and insights into the world of cybersecurity standards, offering a compelling look into the innovative CACAO roaster subproject and its potential to shape the future of cybersecurity operations.</p> <p>This project aims to expand on the CACAO standard by providing an application that enables defenders to effectively design, sign, exchange and utilize playbooks. Vasilios advocates for the importance of this subproject, highlighting its potential to enhance the capacity of security operation centers, particularly for national security authorities and operators of essential services.</p> <p>Throughout our conversation, Vasilios emphasizes the significance of community involvement in the project's development. He expresses the need for contributions from the wider cybersecurity community to improve the project, expand its capabilities, and create a valuable knowledge base of playbooks. Vasilios also delves into the potential for automation and the broad impact that the CACAO standard and in turn, the Roaster subproject could have on the field of cybersecurity.</p> <p>- - -</p> <p><strong>**Episode Specific References**</strong></p> <p><strong>OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security</strong><br /> https://groups.oasis-open.org/communities/tc-community-home2?CommunityKey=b75cccb8-adc6-4de5-8b99-018dc7d322b6</p> <p><br /> </p> <hr /> <p> </p> <p><strong>Reference Links:</strong></p> <p><strong>Open Cybersecurity Alliance (OCA) website:</strong><br /> https://opencybersecurityalliance.org/</p> <p><strong>Open Cybersecurity Alliance (OCA) GitHub</strong><br /> https://github.com/opencybersecurityalliance</p> <p><strong>Open Cybersecurity Alliance (OCA) YouTube</strong><br /> https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg</p> <p> </p> <hr /> <p><strong>Share Your Ideas & Guest Suggestions!</strong></p> <p>Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.</p> <p><strong>How to Contribute:</strong></p> <p style="margin-left:40px"><strong>Topics</strong>: Tell us what you’re curious about in the cybersecurity world.<br /> <strong>Guests</strong>: Know someone who’d be a great interview? We’d love to hear about them.</p> <p><strong>Reach Ou</strong>t: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!</p>
February 14, 2024
<p>Welcome back to another insightful episode of OCA Community Connect. Today, our host Roseann Guttierrez engages in a compelling conversation with Mark Mastrangeli, the cloud engagement director at Palo Alto Networks and co-chair of the OCA Project Governing Board (PGB). Mark shares his remarkable journey into the tech industry and the pivotal role he plays in advocating for collaboration and interoperability in the cybersecurity domain.</p> <p>In this episode, Mark deep dives into the significant achievements of OCA in 2023. He sheds light on the launch of two projects - the Open XDR architecture and the Indicator of Behavior project, both aimed at driving innovation and enhancing cyber defense capabilities. Furthermore, Mark underscores the successful launch of the CACAO Roaster playbook editor, a project that promises to simplify the creation of playbooks for organizations.</p> <p>Looking ahead to 2024, Mark unveils OCA's vision to expand its reach and bring different cybersecurity communities together. He emphasizes the mission to develop more inclusive and accessible solutions by fostering collaboration and interoperability. As the community aims to serve as an ecosystem of ecosystems, this episode gives a glimpse into the future of cybersecurity and the pivotal role that OCA is set to play in shaping it.</p> <p>- - -</p> <p><u><strong>**Episode Specific References** </strong></u></p> <p><br /> <strong>MITRE Security Automation Framework (SAF)</strong><br /> https://saf.mitre.org/</p> <p><strong>Open Cybersecurity Schema Framework (OCSF)</strong><br /> https://docs.aws.amazon.com/security-lake/latest/userguide/open-cybersecurity-schema-framework.html</p> <p><strong>Vulnerability Exploitability eXchange (VEX)</strong><br /> https://www.cisa.gov/resources-tools/resources/minimum-requirements-vulnerability-exploitability-exchange-vex</p> <p><strong>Borderless Cyber - OAISIS Open</strong><br /> https://borderlesscyber2023.oasis-open.org/</p> <p>- - -</p> <p><u><strong>Reference Links:</strong></u></p> <p><strong>Open Cybersecurity Alliance (OCA) website:</strong><br /> https://opencybersecurityalliance.org/</p> <p><strong>Open Cybersecurity Alliance (OCA) GitHub</strong><br /> https://github.com/opencybersecurityalliance</p> <p><strong>Open Cybersecurity Alliance (OCA) YouTube</strong><br /> https://www.youtube.com/channel/UCjTpPl2oEGH_Ws251m827Cg</p> <hr /> <p><strong>Share Your Ideas & Guest Suggestions!</strong></p> <p>Got a topic or an expert in mind for "OCA Community Connect"? We’re always on the lookout for fresh insights and voices in cybersecurity and open-source innovation.</p> <p><strong>How to Contribute:</strong></p> <p style="margin-left:40px"><strong>Topics</strong>: Tell us what you’re curious about in the cybersecurity world.<br /> <strong>Guests</strong>: Know someone who’d be a great interview? We’d love to hear about them.</p> <p><strong>Reach Ou</strong>t: Drop us an email or message us on social media. Your suggestions help shape our show, and we can’t wait to hear from you!</p>
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at [email protected] for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.