Detecting Malicious Remote Authentication Requests Using Graph Learning
In my previous blog post, I introduced a Kestrel analytics to detect lateral movement using clustering sources, destinations, and users and deriving inter-cluster authentication paths. In this blog...
Machine Readable Representation of Adversary Behavior (video)
The OCA Indicators of Behavior (IOB) Project works to represent patterns of behavior associated with malicious cyber activity. This video provides a brief overview of our reference implementation...
OCA Breakfast at RSA 2023
In conjunction with RSAC, the Open Cybersecurity Alliance (OCA) hosted a breakfast event on Wednesday, 26 April. With over 200 people that signed up, the meeting was a mix of short presentations and...
End-to-end Testing for Cyber-Security Applications
Federated search is a multi-stage pipeline between cyber-security applications like Kestrel and data sources such as Elasticsearch or Crowdstrike. End-to-end testing of the entire pipeline is an...
Kestrel Data Retrieval Explained
Kestrel provides a layer of abstraction to compose hunt-flows with standard hunt steps that run across many data sources and data types. This blog post gives an overview of how data is retrieved, processed, and...
OCA and Kestrel at Black Hat 2023
At the Black Hat 2023 conference, attendees will hear from security experts sharing groundbreaking research at the Briefings, view demos of open-source tools at Arsenal, meet sponsors presenting a...
Announcing the Team Threat Hunting Project
Kestrel as a Service The Open Cybersecurity Alliance (OCA) is excited to announce the next milestone of the Kestrel subproject, Kestrel as a Service (KaaS). KaaS enables threat hunting at scale to...
Cybersecurity Automation Village
Join us for the next plugfest on 11-12 April. This is a hybrid event. In-person space is limited. Welcome to the Cybersecurity Automation Village, hosted by the Open Cybersecurity Alliance (OCA)...
OCA Community Connect: Not just another monthly meeting
We are thrilled to announce the launch of the OCA Community Connect podcast! In our rapidly expanding digital world, cybersecurity is not just about individual efforts but about collective resilience....
Upcoming Events
19 March, 11 am EDT, OASIS Unveils CACAO v2.0 Webinar Join us for this webinar that reveals the latest advancements in Collaborative Automated Course of Actions Operations (CACAO), Version 2.0. This...