The ONUG Cloud Security Notification Framework (CSNF) is an open-source initiative launched by the ONUG Collaborative in 2021 to address a vexing challenge in cloud computing today: how to respond effectively to the disparate and growing array of non-standard, security-related alarms and notifications generated in multi-cloud operational contexts encompassing public cloud services and private cloud infrastructure. The CSNF team has developed a canonical data model that normalizes the Tower of Babel of security notifications generated by a myriad of cloud services and systems by defining a universal log message format that can be easily interpreted by SOC analysts.
In 2023, the two-year effort of the CSNF team culminated in the integration of CSNF’s normalized, canonical data model message mappings into Splunk’s industry-leading SIEM platform as a CSNF Splunk TA (technology add-on). Building upon this success, in 2024 the project moved into go-to-market mode to realize the goal of getting CSNF widely adopted by security operations teams within large enterprise IT organizations.
The team has focused its efforts in three areas:
Attend this session to learn more about these CSNF project initiatives from the team leaders and how your company can benefit by adopting the canonical data model.
Josh Hammer is a Field CISO with Oracle. In this role, he works with customers to help them build innovative cloud security architectures and strategies that standardize and accelerate the secure adoption of Oracle Cloud Infrastructure (OCI). Before returning to Oracle, he was a Security Partner Solutions Architect with Amazon Web Services. In that role, he worked closely with various strategic security partners to build cloud-optimized architecture and develop strategies with business development teams. Before this, he was a Security Architect in the AWS Professional Services organization, where he helped large enterprises adopt AWS.