News Alert: Hunters Announces Full Deployment of OCSF and Introduces OCSF Native Search

SAN FRANCISCO, May 7, 2024, CyberNewsWire –– Hunters, the pioneer of modern SOC platforms, today announced the full launch of the Open Cybersecurity Schema Framework (OCSF) and the launch of the groundbreaking OCSF native search functionality.

This strategic advancement underscores Hunters’ commitment to standardizing and improving cybersecurity operations through open, integrated data exchange frameworks.

Explaining the strategic importance of this move, Uri May, CEO of Hunters, stated: “Adopting OCSF as our primary data model represents a transformative step in our journey to improve cybersecurity operations.” Additionally, our new enhanced OCSF-native search functionality will “Transforming the way security data is searched and analyzed, providing unprecedented efficiency and precision.”

Democratization of the security forces

The introduction of OCSF provides a unified, standardized language across cybersecurity tools and platforms, simplifying data integration and analysis workflows. The launch promotes seamless interoperability and enables improved collaboration between cybersecurity professionals. This promotes flexibility and innovation by eliminating limitations imposed by proprietary data formats.

“The introduction of OCSF will not only enhance our AI-driven security solutions, but also enable seamless data integration across vast and diverse data sets, significantly improving the speed and accuracy of threat detection and response,” May added.

The benefits of adopting OCSF include:

•Optimized processes and improved collaboration – Practitioners use a common security language, promote the efficient sharing of insights and best practices, and strengthen collective defense strategies.

•Breaking through vendor lock-in and data silos – Organizations are not limited by proprietary data formats from specific providers.

•Revolutionary threat hunting and investigation – By moving from logs to context-aware events and objects, OCSF enables multi-level attack analysis and context-rich threat hunting.

•Accelerating AI and Gen-AI in security – Standardized data schema accelerates the development of AI-driven security solutions.

New era in cybersecurity analysis

Hunters is excited to launch its revolutionary OCSF-native search functionality, designed specifically for SOC analysts and threat hunters. This innovative technology addresses the complexity of “query engineering” by leveraging a universal data schema – OCSF – to optimize the search process across different data formats and environments. In addition to reducing the frustrations and errors associated with traditional query syntax, the new search capabilities improve general and specialized investigative capabilities, transforming the way security teams interact with data and dramatically accelerating their operations.

OCSF Native Search revolutionizes search in the following ways:

•Event and object-based search: A new search paradigm – Hunter’s SOC platform introduces event- and object-based search and eliminates the complexity of source-specific log formats by allowing analysts to search cybersecurity events and objects without the need for field normalization or navigating different log formats.

•Democratizing data analysis: Equipping analysts at all levels for success – OCSF native search simplifies the search experience and eliminates the need for SQL knowledge or specialized knowledge of tools like Kibana or KQL. With an intuitive interface tailored to the OCSF model, analysts of all experience levels can quickly gain proficiency and bypass traditional complexities and lengthy training sessions.

•Curated entity investigation workflows: One-click investigations – With this new feature, analysts can go directly from hunter alerts to search with a single click, automatically filling out and executing queries for comprehensive context. This eliminates the need for manual query creation, enabling a seamless investigation workflow that allows analysts to efficiently investigate and analyze security incidents.

•Timeline Experience: Improved chronological insights for security analysis – A new timeline-based search approach enables analysts to examine the chronological history of security events. This feature provides insights into patterns, anomalies, and potential threats, improving investigative workflow. Analysts can identify connections, track threat development and efficiently optimize investigations.

“Our new search functionality is critical for both experienced and novice security professionals,” says Yuval Itzchakov, CTO at Hunters. “It improves SOC operations by providing Tier 1 analysts the clarity they need for higher-level analysis and democratizes security insights, making advanced investigations accessible to more team members.”

Contribute to the community

In conjunction with this new product release, Hunters is also proud to contribute to the cybersecurity community by sharing one hundred security protocol mappings to the OCSF schema. This contribution is part of their commitment to fostering an open and collaborative environment where knowledge sharing accelerates innovation and strengthens security posture across the industry.

The full adoption of OCSF and the launch of our OCSF-native search functionality represent important milestones in Hunters’ ongoing mission to innovate and automate cybersecurity analytics and operations. By leveraging open standards and providing powerful, intuitive search capabilities, they not only advance our platform, but also contribute to a more connected, efficient and effective cybersecurity ecosystem.

To know more, users can visit us at RSAC Booth #4317, Moscone Northor contact us at www.hunters.security

Media contact: Ada Filipek Hunters [email protected]

May 8, 2024 | News Alerts | Top stories