Cloud Security Notification Framework (CSNF) Project Team

ONUG Collaborative Project Team

The Cloud Security Notification Framework (CSNF) Project team is focused on driving the adoption of CSNF by enterprise security operations teams.

Sign up to participate
Cloud Security Notification Framework (CSNF)

What We’re Working On

Driving the adoption of CSNF – A common taxonomy for security event notifications

CSNF provides a framework for normalizing the multiplicity of security-related event notifications emitted by cloud service providers, SaaS applications and on-premise private cloud systems. The framework is based on a multicloud canonical data model for translating provider-specific observability messages into a common taxonomy. CSNF accelerates security operations workflows and enables security analysts to rapidly respond to complex, large-scale multicloud security threats.

The CSNF Project is focused on raising awareness and spurring industry adoption of CSNF for identifying and mitigating against multicloud security threats in the SOC. Team members are engaged with suppliers in the enterprise multicloud ecosystem to incorporate additional supplier-specific message mappings into CSNF.

In 2024, the project team will also be conducting “Capture the Flag” events at ONUG Spring and Fall so that SOC practitioners can gain direct, hands-on experience utilizing CSNF in a simulated environment where they are tasked with identifying multicloud security threats.

For SOC teams that use Splunk’s SIEM database, the CSNF multicloud canonical data model is available in Splunkbase as a Splunk Technology Add-On, so that incoming messages can be automatically mapped into their corresponding canonical representation


Get the LATEST Project Team specific news

Applying the CSNF Multicloud Canonical Data Model

The original security notifications are stored in the SIEM database. CSNF-translated events and attributes are used to drive incident response decision making.

Publications & Related Content

Project Team Member Companies

Join The ONUG Collaborative

The ONUG Collaborative is a consortium of enterprise IT professionals and suppliers – product vendors, cloud service providers, communications service providers and system integrators. It provides an unbiased forum for driving industry change and enabling IT professionals to break through barriers to achieve better business outcomes.

The Collaborative facilitates peer-to-peer engagement between its members, including enterprise thought leaders, early adopters and technology innovators. These members then collaborate on solutions for overcoming critical networking and security challenges in the Cloud Era. The Collaborative offers a level playing field for the open exchange of viewpoints and insights that helps foster valuable relationships between enterprises and suppliers.

Join The Community Today