Freshly inked partnership follows the development of two open source security tools
The French National Cybersecurity Agency (ANSSI) has formally joined Luatix, a non-profit aimed at helping organizations improve their cybersecurity defenses, after helping develop the group’s threat intelligence and crisis management platforms.
Created last year, Luatix is focused on conducting research and development in the fields of information security and crisis management.
ANSSI’s official membership will see the agency become more heavily involved in product roadmaps and governance; project management and coordination with external entities; features and third-party tooling development; and community animation, according to a press release published by Luatix.
Luatix has described ANSSI as a founding member, having been the first organization, along with CERT-EU (the Computer Emergency Response Team for EU Institutions), to be involved in Luatix’s inaugural security projects, OpenCTI and OpenEx.
OpenCTI, designed for integrating, storing, organizing, visualizing, and sharing cyber threat intelligence, was initially developed internally at ANSSI to help store and structure the agency’s knowledge on cyber threats.
Last spring, it was open-sourced to the wider cybersecurity community.
OpenCTI is a free-to-use security and threat intelligence platform
The platform supports collaborative work, real-time monitoring, statistics, and the management of feedback.
Gap in the market
Gerome Billois, global cybersecurity partner at French security consultancy Wavestone, says OpenEx fills an important gap in the market.
“I think it’s a very good initiative,” he tells The Daily Swig. “Right now, if you look at the cybersecurity tools that we have, there are plenty of tools to protect and secure information systems, but we are still in the process of building efficient tools to respond to and to allay the threat.”
Billois added: “Right now, cybersecurity drills are often carried out manually. But you reach a limit at some point, and now these large companies are having to train on managing very large cybersecurity incidents… I think it is a very good idea to test them with this tool, which is open source.”
Open source developments
Luatix will continue to develop the tools, with a new version of OpenCTI launched last month.
The data schema has been redesigned for more clarity and to align it as closely as possible with the STIX 2.1 standard, while the performance and scalability of the ingestion process have been improved.
Real-time synchronization of several OpenCTI platforms and live feeds is now included, and the technology stack has been simplified. Several new connectors for data import and management have also been released.
The initiative has been widely welcomed, and a number of organizations are using the tools already, with OpenCTI having been downloaded around 10,000 times.
“It’s great that a strong public cybersecurity body such as the ANSSI shares a part of their tools as open source,” says Sergio Loureiro, cloud security director at security firm Outpost24.
“Furthermore, having skin in the game as a founding member of Luatix will help to continuously improve the features of OpenCTI and OpenEX projects and hopefully show the way to sharing and improving more projects to the cybersecurity community.”