Hunters, the pioneer in fashionable SOC platforms, at the moment introduced its full adoption of the Open Cybersecurity Schema Framework (OCSF), coupled with the launch of groundbreaking OCSF-native Search functionality. This strategic development underscores Hunters’ dedication to standardizing and enhancing cybersecurity operations by open, built-in information sharing frameworks.
Uri Might, CEO of Hunters, defined the strategic significance of this transfer, stating, “Adopting OCSF as our primary data model represents a transformative step in our journey to elevate cybersecurity operations. Alongside this, our new advanced OCSF-native search functionality is set to transform how security data is searched and analyzed, offering unprecedented efficiency and precision.”
Democratizing Safety Operations with OCSF
The adoption of OCSF gives a unified, standardized language throughout cybersecurity instruments and platforms, simplifying information integration and evaluation workflows. The adoption fosters frictionless interoperability and permits enhanced collaboration amongst cybersecurity professionals, selling flexibility and innovation by eliminating constraints imposed by proprietary information codecs.
“Adopting OCSF will not only enhance our AI-driven security solutions but also enable seamless data integration across vast and diverse datasets, dramatically improving the speed and accuracy of threat detection and response,” added Might.
A few of the advantages of adopting OCSF embrace:
- Streamlined Operations and Enhanced Collaboration – practitioners use widespread safety language, selling environment friendly sharing of insights and finest practices, bolstering collective defence methods.
- Breaking Vendor Lock-in and Information Silos – Organizations will not be constrained by proprietary information codecs from particular distributors.
- Revolutionizing Menace Searching and Investigation – By shifting from logs to context-aware occasions and objects, OCSF permits multi-stage assault evaluation and context-rich risk searching.
- Accelerating AI and Gen-AI in Safety – Standardized information schema accelerates the event of AI-driven safety options.
OCSF-native Search Performance: A New Period in Cybersecurity Analytics
Hunters is thrilled to launch their revolutionary OCSF-native search performance, designed particularly for SOC analysts and risk hunters. This progressive know-how addresses the complexities of “query engineering” by leveraging a common information schema—OCSF—to streamline the search course of throughout numerous information codecs and environments. The brand new search capabilities not solely cut back the frustration and errors related to conventional question syntax but additionally improve each normal and specialised investigation capabilities, remodeling how safety groups work together with information and considerably accelerating their operations.
OCSF-Native Search is Revolutionizing Search within the following methods:
- Occasion and Object-Primarily based Looking: A New Search Paradigm – Hunters SOC platform introduces occasion and object-based looking, eliminating the complexities of source-specific log codecs, by enabling analysts to look cybersecurity occasions and objects with out the necessity for discipline normalization or navigating numerous log codecs.
- Democratizing Information Evaluation: Equipping Analysts of All Ranges for Success – OCSF-native search simplifies the search expertise, eliminating the necessity for SQL proficiency or specialised data in instruments like Kibana or KQL. With an intuitive interface tailor-made to the OCSF mannequin, analysts of all expertise ranges can shortly grow to be proficient, bypassing conventional complexities and prolonged coaching classes.
- Entity Investigation Curated Workflows: Investigations with a Single Click on – With this new functionality analysts can pivot immediately from Hunters alerts to Search with a single click on, robotically populating and executing queries for deep context. This eliminates the necessity for guide question constructing, facilitating a seamless investigative workflow that permits analysts to effectively discover and analyze safety incidents.
- Timeline Expertise: Enhanced Chronological Perception for Safety Evaluation – A brand new timeline-based method to look permits analysts to discover the chronological development of safety occasions. This characteristic gives insights into patterns, anomalies, and potential threats, enhancing the investigative workflow. Analysts can establish correlations, monitor risk evolution, and streamline investigations effectively.
“Our new search functionality is a game-changer for both experienced and novice security practitioners,” says Yuval Itzchakov, CTO at Hunters. “It elevates SOC operations by providing Tier 1 analysts with the clarity needed for higher-level analysis and democratizes security insights, making advanced investigations accessible to more team members.”
Contributing to the Neighborhood – OCSF Mapping
Along with this new product launch, Hunters can be proud to contribute to the cybersecurity group by sharing 100 mappings of safety logs to the OCSF schema. This contribution is a part of their dedication to fostering an open and collaborative setting the place data sharing accelerates innovation and strengthens safety postures throughout the business.
The total adoption of OCSF and the launch of our OCSF-native search performance mark important milestones in Hunters’ ongoing mission to innovate and automate cybersecurity analytics and operations. By embracing open requirements and offering highly effective, intuitive search capabilities, they don’t seem to be solely advancing our platform but additionally contributing to a extra interconnected, environment friendly, and efficient cybersecurity ecosystem.
To study extra, customers can go to us at RSAC Sales space #4317, Moscone North, or contact us at hunters.safety
Contact
Ada Filipek
Hunters
[email protected]
