The py-ocsf-models package offers a Python implementation of the Open Cybersecurity Schema Framework (OCSF) models, facilitating the manipulation and understanding of cybersecurity data within Python applications. This package provides a rich set of models covering various aspects of cybersecurity events, findings, objects, and profiles as defined by the OCSF Schema, enabling developers to work with structured cybersecurity data efficiently.
In Prowler, we leverage the py-ocsf-models package to generate JSON formatted OCSF outputs, specifically focusing on Detection Findings. This integration facilitates the standardization and sharing of cybersecurity findings in a structured and widely-accepted format, enhancing the interoperability between different security tools and platforms.
- Comprehensive OCSF Schema Implementation: Includes models for events, findings, objects, and profiles, covering the entire OCSF Schema.
- Easy Data Manipulation: Easily create, modify, and interact with cybersecurity data structures.
- Serialization and Deserialization Support: Convert OCSF model instances to and from JSON for easy storage and transmission.
- Extensible Design: Extend and customize models to fit specific requirements while staying compliant with the OCSF schema.
- Detection Finding
- Compliance Finding
- Application Security Posture Finding
Install py-ocsf-models using pip:
pip install py-ocsf-modelsImport the package in your Python application:
import py_ocsf_modelsYou can find ready-to-run examples demonstrating how to generate events using the OCSF schema in the examples folder.
To release a new version of py-ocsf-models:
-
Create a PR with version update: Update the version number in
pyproject.tomland create a pull request with the changes. -
Create a GitHub release: Once the PR is merged into the master branch, create a new release in GitHub from the master branch. This will automatically trigger the
pypi-release.ymlworkflow to publish the package to PyPI.
Contributions are welcome! Whether you're fixing a bug, adding new features, or improving the documentation, please feel free to make a pull request or open an issue.
This project is licensed under the Apache-2.0 License - see the LICENSE file for details.
This package is built to support and encourage the adoption of the Open Cybersecurity Schema Framework (OCSF) and facilitate the handling of cybersecurity data in Python applications.
For support, questions, or feedback, please open an issue on the GitHub repository.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=64&v=4){kind=small}
