Hunters Announces Full Adoption of OCSF and Introduces OCSF-Native Search – Latest Hacking News


Hunters, the pioneer of modern SOC platforms, today announced full adoption of the Open Cybersecurity Schema Framework (OCSF), coupled with the launch of groundbreaking OCSF-native search capabilities. This strategic advancement underscores Hunters’ commitment to standardizing and improving cybersecurity operations through open, integrated data sharing frameworks.

Uri May, CEO of Hunters, explained the strategic significance of this move, saying: “Adopting OCSF as our primary data model represents a transformational step in our journey to improve cybersecurity operations. In addition, our new advanced OCSF native search functionality will transform the way security data is searched and analyzed, delivering unprecedented efficiency and precision.”

Democratizing security operations with OCSF

Adopting OCSF provides a unified, standardized language for cybersecurity tools and platforms, simplifying data integration and analytics workflows. The adoption promotes frictionless interoperability and enables enhanced collaboration among cybersecurity professionals, promoting flexibility and innovation by eliminating the limitations imposed by proprietary data formats.

“Adopting OCSF will not only enhance our AI-driven security solutions, but also enable seamless data integration across massive and diverse data sets, dramatically improving the speed and accuracy of threat detection and response,” May added.

Some benefits of adopting OCSF include:

  • Streamlined operations and improved collaboration – Practitioners use common security language, promoting efficient exchange of insights and best practices and strengthening collective defense strategies.
  • Breaking supplier lock-in and data silos – Organizations are not limited by proprietary data formats of specific suppliers.
  • A revolution in threat detection and investigation – By moving from raw logs to context-aware events and objects, OCSF supports multi-phase attack analysis and context-rich threat hunting.
  • Accelerating AI and Gen-AI in security – Standardized data schema accelerates the development of AI-driven security solutions.

OCSF-native search functionality: a new era in cybersecurity analytics

Hunters is launching its OCSF-native search functionality, designed specifically for SOC analysts and threat hunters. It addresses the complexity of query engineering by using a single data schema (OCSF) to streamline the query process across diverse data formats and environments. The new search capabilities reduce the frustration and errors associated with source-specific search syntax while supporting both general and specialized searches, changing the way security teams interact with data and significantly accelerating their operations.

OCSF-Native Search is revolutionizing search in the following ways:

  • Event- and object-based search: A new search paradigm – Hunters’ SOC platform introduces event- and object-based search, removing the complexity of source-specific log formats by allowing analysts to search security events and objects without performing field normalization themselves or navigating different log formats.
  • Democratizing data analytics: equipping analysts of all levels for success – OCSF-native search simplifies the search experience, removing the need for SQL skills or specialized knowledge of query languages such as KQL or tools such as Kibana. With an interface aligned with the OCSF model, analysts of all experience levels can become proficient quickly, bypassing source-specific complexities and lengthy training.
  • Managed Entity Investigation Workflows: One-Click Investigations – This new capability allows analysts to switch directly from Hunters alerts to Search with one click, automatically populating and executing queries for deep context. This eliminates the need for manually building queries, enabling a seamless investigation workflow that allows analysts to efficiently explore and analyze security incidents.
  • Timeline Experience: Improved Chronological Insight for Security Analysis – A new timeline-based search approach allows analysts to examine the chronological progression of security events. This feature provides insight into patterns, anomalies, and potential threats, improving investigation workflow. Analysts can identify correlations, track threat evolution, and efficiently streamline investigations.
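The benefits list above and the event- and object-based search bullet both rest on one idea: once every source is mapped to the same OCSF event class, a single query expressed in OCSF field names runs across all of them, and a timeline falls out of the shared `time` field. The following is an added illustration, not Hunters’ code or the OCSF project’s code. It maps two constructed log lines in different formats (an OpenSSH syslog line and a flattened Windows Security event) to the OCSF Authentication class (class_uid 3002, category IAM) and then runs one OCSF-level query for failed logons per source IP. The enum values used (activity_id 1 = Logon, status_id 1 = Success, 2 = Failure) are from the public OCSF schema; the sample log lines, the 2025 syslog year and the `raw_data` retention are assumptions made for the example.

```python
"""Map two differently formatted auth logs to OCSF Authentication events
and query them through the OCSF fields only (added example, not vendor code)."""
import re
from datetime import datetime, timezone

# OCSF Authentication class (3002) in the IAM category (3) and the enum
# values this example relies on.
CLASS_UID_AUTHENTICATION = 3002
CATEGORY_UID_IAM = 3
ACTIVITY_ID_LOGON = 1
STATUS_ID_SUCCESS = 1
STATUS_ID_FAILURE = 2
SEVERITY_ID_INFORMATIONAL = 1

# Constructed sample input: same attacker IP seen by two products.
SSHD_LINES = [
    "Jan 12 10:14:03 bastion sshd[4412]: Failed password for invalid user admin from 203.0.113.7 port 51822 ssh2",
    "Jan 12 10:14:09 bastion sshd[4412]: Accepted publickey for alice from 198.51.100.4 port 50022 ssh2",
]
WINLOG_LINES = [
    "2025-01-12T10:14:05Z EventID=4625 TargetUserName=admin IpAddress=203.0.113.7 LogonType=3 Status=0xC000006D",
    "2025-01-12T10:15:40Z EventID=4624 TargetUserName=bob IpAddress=10.0.0.25 LogonType=10 Status=0x0",
]
SYSLOG_YEAR = 2025  # assumption: classic syslog timestamps carry no year

_SSHD_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<verb>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port (?P<port>\d+)"
)


def _epoch_ms(dt):
    # OCSF `time` is a UTC timestamp in milliseconds.
    return int(dt.timestamp() * 1000)


def _auth_event(time_ms, product, status_id, user, ip, port, raw):
    # The shared shape every source is mapped into; queries only touch these keys.
    return {
        "class_uid": CLASS_UID_AUTHENTICATION,
        "category_uid": CATEGORY_UID_IAM,
        "activity_id": ACTIVITY_ID_LOGON,
        "status_id": status_id,
        "severity_id": SEVERITY_ID_INFORMATIONAL,
        "time": time_ms,
        "user": {"name": user},
        "src_endpoint": {"ip": ip, **({"port": port} if port is not None else {})},
        "metadata": {"product": {"name": product}, "version": "1.1.0"},
        "raw_data": raw,  # keep the original line for forensic review
    }


def sshd_to_ocsf(line):
    m = _SSHD_RE.match(line)
    if not m:
        raise ValueError(f"unrecognized sshd line: {line!r}")
    dt = datetime.strptime(f"{SYSLOG_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
    status = STATUS_ID_SUCCESS if m["verb"] == "Accepted" else STATUS_ID_FAILURE
    return _auth_event(_epoch_ms(dt.replace(tzinfo=timezone.utc)), "sshd",
                       status, m["user"], m["ip"], int(m["port"]), line)


def winlog_to_ocsf(line):
    ts, rest = line.split(" ", 1)
    kv = dict(tok.split("=", 1) for tok in rest.split())
    # 4624 = successful logon, 4625 = failed logon; anything else is not an auth event.
    status = {"4624": STATUS_ID_SUCCESS, "4625": STATUS_ID_FAILURE}.get(kv.get("EventID"))
    if status is None:
        raise ValueError(f"not a logon event: {line!r}")
    dt = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return _auth_event(_epoch_ms(dt), "Windows Security", status,
                       kv["TargetUserName"], kv["IpAddress"], None, line)


def normalize_all():
    # Timeline view: one ordered stream regardless of which product emitted the event.
    events = [sshd_to_ocsf(l) for l in SSHD_LINES] + [winlog_to_ocsf(l) for l in WINLOG_LINES]
    return sorted(events, key=lambda e: e["time"])


def failed_logons_by_source(events):
    # The query is written once, against OCSF fields, and spans both sources.
    counts = {}
    for e in events:
        if (e["class_uid"] == CLASS_UID_AUTHENTICATION
                and e["activity_id"] == ACTIVITY_ID_LOGON
                and e["status_id"] == STATUS_ID_FAILURE):
            ip = e["src_endpoint"]["ip"]
            counts[ip] = counts.get(ip, 0) + 1
    return counts


if __name__ == "__main__":
    evs = normalize_all()
    for e in evs:
        print(e["time"], e["metadata"]["product"]["name"], e["user"]["name"], e["status_id"])
    print(failed_logons_by_source(evs))
```

The point a practitioner should take from this is the caveat as much as the convenience: the cross-source query is only as good as the mapping, so the raw line is kept in `raw_data` and unmappable lines raise rather than being silently dropped, which is exactly where a normalization gap would otherwise hide a missed logon.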

“Our new search functionality is a game-changer for both experienced and novice security professionals,” said Yuval Itzchakov, CTO at Hunters. “It improves SOC operations by providing Tier 1 analysts with the clarity needed for higher-level analysis and democratizes security insights, making advanced investigations accessible to more team members.”

Contributing to the Community – OCSF Mapping

In conjunction with this product release, Hunters is also contributing to the cybersecurity community by sharing its mappings of one hundred security log sources to the OCSF schema. This contribution is part of its commitment to an open and collaborative environment in which knowledge sharing accelerates innovation and strengthens security postures across the sector.

The full adoption of OCSF and the launch of OCSF-native search mark milestones in Hunters’ ongoing mission to automate cybersecurity analytics and operations. By embracing open standards and providing powerful, intuitive search capabilities, the company aims both to advance its platform and to contribute to a more interconnected, efficient and effective cybersecurity ecosystem.

For more information, visit Hunters at RSAC booth #4317, Moscone North, or contact the company at www.hunters.security

Contact

Ada Filipek

Hunters

[email protected]
