Adopt Multi-Cloud Security Today with ONUG and CSNF

Adopt Multi-Cloud Security Today with ONUG and CSNF

Last month, Oracle was proud to serve as the industry sponsor for the ONUG Spring Conference.  With a hybrid presence both in New Jersey and online, we interacted with more than 2000 attendees, many of whom are users of the ONUG working groups. The working group is developing the Cloud Security Notification Framework (CSNF) for consistent security, observability, and reporting across cloud service providers.

For many of us attending the in-person event, this was the first in-person event in over two years.  It was great to see old friends and the new colleagues met only over Zoom.  The conversations were high in quality, and many of us felt that this was a worthy trip.

Oracle speakers shared our perspectives on CSNF, including:

  • Johnnie Konstantas, GVP of Cloud Engineering, spoke both in a keynote with Peter Campbell from Cigna about the importance of prescriptive and automated security and on a panel with representatives from Cigna, Google Cloud, Concourse Labs, and IBM Research about how the shared responsibility model for a secure cloud is helping forge collaborative outcomes.
  • Sean Sweeney, Sr. Director, Cloud Security Advisor Group, both kicked off and closed the event alongside ONUG leaders.
  • Josh Hammer, Field Chief Security Architect, shared a proof of concept demonstrating how OCI security services integrate with the ONUG Cloud Security Network Framework decorator to help organizations quickly and centrally identify and remediate security misconfigurations, threats, and insecure activities.

For those who are interested in trying out the OCI Birthday Cake CSNF demo, Josh Hammer has published the source code. There you can find:

  • Sample code from OCI that provides a spreadsheet for mapping CSP and security provider alerts to the ONUG CSNF canonical mode,
  • A python script to covert that spreadsheet into a JSON for programmatic use, and
  • An OCI function that can convert mapped CSP JSON events to ONUG CSNF then write them to an OCI Log for parsing.

You can find a guide to set it up in your OCI tenancy and as well as the source code here: https://github.com/onug/CSNF/tree/main/oci_csnf_birthday_cake.

Overall, the event proved to be a great place to further continue conversations about multi-cloud security.   Stay tuned to learn more about Oracle’s work in CSNF and ONUG.  We look forward to meeting you at future ONUG events.

Additional resources:

Author's Bio

Maywun Wong

Director, Product Marketing, Oracle
Maywun Wong has over 20 years of experience in marketing, product management, and engineering for technology and cloud companies of all sizes. Currently, she is Director of Product Marketing in the Cloud Business Group at Oracle with prior experience at Cisco, Nokia, Siebel, Motorola, and AT&T. Maywun holds an M.B.A. from the University of Michigan Ross School of Business and a B.S. in Electrical Engineering from Northwestern University.