Re: [oca-tsc] RE Alertflex / Open Cybersecurity Alliance



Based on the fact the email thread below went to oca-tsc, I assume you are speaking with Oleg as “OCA” as opposed to “IBM Business Development” (per your signature line). If you are speaking with Oleg as IBM, then ignore this email. But if you are speaking as OCA, would you let us know the results of your discussion?  I believe Russ Warren has proposed to track issues for the PGB like potential new projects so I’m guessing the proper process (I’m not sure we’ve established one yet) is for you to inform Russ and it would be part of his report to the PGB. Not details – just ‘looking good as potential project’ or ‘potential new member’ or ‘won’t join but OCA stuff should interwork with their stuff’  or ‘was a bust’ or ‘still evaluating’ or …


Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at



From: oca-tsc <oca-tsc@...> on behalf of "RoseAnn Guttierrez via" <>
Reply-To: oca-tsc <oca-tsc@...>
Date: Thursday, April 9, 2020 at 11:14 AM
To: oca-tsc <oca-tsc@...>
Cc: Carol Geyer <carol.geyer@...>, "Darren_Thomas@..." <Darren_Thomas@...>, "jory.burson@..." <jory.burson@...>, oca-tsc <oca-tsc@...>, Russell Warren <russell.warren@...>
Subject: Re: [oca-tsc] RE Alertflex / Open Cybersecurity Alliance


Hi Oleg,


I am excited to work with you.  I will send another email to you directly to set up a time.



Technical Enablement Specialist - Business Development
IBM Security





----- Original message -----
From: "Jason Keirstead" <Jason.Keirstead@...>
Sent by: oca-tsc@...
To: oca-tsc@...
Cc: carol.geyer@..., "Thomas, Darren" <Darren_Thomas@...>, jory.burson@..., oca-tsc@..., "RoseAnn Guttierrez" <RoseAnn.Guttierrez@...>, "Russell Warren" <russell.warren@...>
Subject: [EXTERNAL] Re: [oca-tsc] RE Alertflex / Open Cybersecurity Alliance
Date: Thu, Apr 9, 2020 9:44 AM

Hi Oleg;


I want to introduce to you RoseAnn and Russ. They are with the IBM business development team and I have been told they can help you get enabled on STIX Shifter. 

Please let us know how we can help in any way, we can set up a web conference to walk you through it if you want.


Jason Keirstead
Chief Architect - IBM Security Threat Management

Co-Chair - Open Cybersecurity Alliance, Project Governing Board



----- Original message -----
From: Oleg Zharkov <oleg.zharkov@...>
Sent by: oca-tsc@...
To: Jason Keirstead <Jason.Keirstead@...>
Cc: "Thomas, Darren" <Darren_Thomas@...>, carol.geyer@..., jory.burson@..., oca-tsc@...
Subject: [EXTERNAL] Re: [oca-tsc] RE Alertflex / Open Cybersecurity Alliance
Date: Tue, Apr 7, 2020 6:03 PM
Hello Jason,

Thank you for the invitation.

Today I created on Github a new repository for module Controller as a part of Alertfex project -
It has functional of CTI (direct JDBC connection to MISP for reputation checks of IP addresses, DNS records, MD5 and SHA1 hashes of files).
I will see how possible to integrate this package with STIX-Shifter project. This will require some time to learn STIX-Shifter project.

Best regards,
Oleg Zharkov


Hello Oleg;

We're excited that you are interested in our work at the OCA. Our entire mission is to enable increased interoperability and data sharing among all cybersecurity tools, both open and closed source. We would love to help you figure out how OCA's tooling can be interested with Alertflex. As well we would always welcome any feedback on improvements or pull-requests to the tools, to add integrations with platforms like Alertflex.

I would encourage you to not only look at OpenDXL, but potentially also the STIX-Shifter project... you may be able to make use of this code inside your platform to query lots of third party data lakes from inside Alertflex.

I'd encourage you to join our Slack where you can interact with us in real time. I generated you an invite link below.

Looking forward to future conversation;




I'm Oleg Zharkov developer open-source project, that includes two-way JSON based protocol for managing open source IDS (CRS, HIDS, NIDS, WAF).
I see that the protocol can be adapted to OCA OpenDXL Ontology to provide management access for IDS hub.
I have small experience working with OpenDXL via Java client and also, I consider the possibility of join OCA github.
Please, contact me if you are interested to collaborate with altprobe/alertflex project.

Best regards,
Oleg Zharkov

Jason Keirstead
Chief Architect - IBM Security Threat Management

"Would you like me to give you a formula for success? It's quite simple, really. Double your rate of failure."

- Thomas J. Watson





Join to automatically receive all group messages.