OASIS Heimdall Data Format (OHDF) TC

 View Only



Chair: Aaron Lippold, MITRE Corporation

Chair: Mike Fraser, Sophos Ltd

OASIS Staff Contact: Kelly Cullinane


Developing a standard vendor-agnostic data format to support cybersecurity product interoperability without the need for customized integrations.

Group Notes


The OHDF TC successfully held its inaugural meeting on 07 March 2023. Twenty three members attended. Aaron L Lippold of MITRE and Mike Fraser of Sophos were elected as co-chairs. Stefan Hagen was elected secretary.

Participation in the OHDF TC is open to all interested parties. Contact join@oasis-open.org for more information.


The OHDF TC's goal is to develop a common format for exchanging normalized security data between cybersecurity tools. A standard vendor-agnostic data format will support cybersecurity product interoperability without having to create customized integrations.

Security tools typically generate data in unique formats that require multiple dashboards and utilities to review. This leads to a time-consuming process for completing security assessments, data in disparate locations and inconsistent semantics of data elements across formats. In addition, few security tools provide context to relevant compliance standards for comparison across security tools.

Numerous stakeholders and adopters can benefit from the work of the OHDF TC:

  • For Commercial and Vendor Cybersecurity Partners, OHDF defines a standardized, interoperable target format that vendor tools can consume across their customer base consistently and that is easily managed within the product lifecycle.

  • For the Open Source Community, OHDF enables easy integration with commercial solutions without the need for direct partnerships.

  • For Government Agencies, OHDF can streamline business processes by having a standard, open source, machine-readable format for all security data.

  • For Academia, OHDF offers a structured way to communicate and enhance research findings throughout the security community.

  • For Corporate and Federal CISOs/CIOs, OHDF can increase visibility across the enterprise by taking advantage of normalized security data in a standard format that supports risk information interoperability from a broad range of inputs to support security risk decision-making.

  • For Security Engineers, OHDF can reduce resource requirements for multiple security data types by standardizing formatting across disparate security tools.

  • For Risk Managers, OHDF can improve decision making by using a standardized format to facilitate automation, standardize communication requirements, and inform risk-based analysis.

  • For DevSecOps/Software Engineers, OHDF can streamline CI/CD processes by leveraging a standardized format to collate/aggregate normalized security data to support automated and continuous security processes.

For more information, see the OHDF TC Charter.

Mailing Lists and Comments

ohdf: the discussion list used by TC members to conduct Committee work. TC membership is required to post, and TC members are automatically subscribed. The public may view the OASIS list archives.

ohdf-comment: a public mailing list for providing feedback on the technical work of the OHDF TC. To send a comment, follow the instructions on the TC's public web page here or view the OASIS comment list archives.

Press Coverage and Commentary

Public Resources


Log in to see this information

Either the content you're seeking doesn't exist or it requires proper authentication before viewing.