OASIS Launches Initiative To Standardize Exposure Management Practices In Cybersecurity

(MENAFN- EIN Presswire) EINPresswire/ -- As cybersecurity organizations face increasingly complex technology footprints and evolving cyber threats, a unified approach to exposure management has never been more critical. OASIS Open, the global open source and standards organization, is launching the Open Exposure Management Framework (OEMF) Technical Committee (TC) to create a community-driven, standards-based framework to prevent, assess, and resolve organizational exposures in organizational technology.

"Having focused on find-and-fix security for the last decade, I understand the importance of having specific guidance on managing technology exposure,” said Chris Peltz, GuidePoint Security and OEMF TC convener.“I'm excited to be part of this group of stellar professionals building the Open Exposure Management Framework, which will deliver guidance on best practices and enable organizations to finally begin preventing exposure at scale."

The OEMF TC will develop a comprehensive exposure management lifecycle and capability requirements that integrate with existing cybersecurity frameworks such as NIST, CIS, and Gartner. Its deliverables will include vendor-agnostic best practices, a maturity assessment model, and tactical implementation guidance to help organizations maximize their security investments.

The TC's work will also address data inconsistencies across disparate exposure sources and bridge secure design practices with operational security activities. By establishing a functional lifecycle, mapping capability requirements to recognized frameworks, and defining an industry-accepted maturity scale, the framework will equip organizations with the tools to prevent, assess, and resolve technology exposures. These resources will be particularly valuable for larger enterprises, public entities, and organizations that design their own infrastructure and applications.

The OEMF TC welcomes contributions from cybersecurity professionals, security vendors, enterprise practitioners, and anyone committed to advancing exposure management practices. The first meeting is Friday, 31 October 2025. To learn more about how to get involved in this collaborative effort, contact....

Support for the OEMF TC

GuidePoint Security
“GuidePoint Security is proud to contribute to the development of the Open Exposure Management Framework, helping define what effective Exposure Management looks like across the industry. This collaboration marks a key milestone in uniting the cybersecurity community around a common approach to reducing exposure and commitment to staying ahead of evolving threats.”
-Chris Peltz, Director, Strategy and Solutions Architecture at GuidePoint Security

Tenable
“Exposure management is a transformational mindset shift and strategic approach to how organizations measure and reduce cyber risk. Instead of reacting, exposure management enables organizations to get ahead of attackers by resolving issues before they can be exploited. This is why it's so important that Tenable collaborates with cybersecurity luminaries to build an exposure management framework that empowers organizations to successfully implement exposure management practices and focus on what matters most.”
-Eric Doerr, Chief Product Officer, Tenable

About OASIS Open
One of the most respected, nonprofit open source and open standards bodies in the world, OASIS advances the fair, transparent development of open source software and standards through the power of global collaboration and community. OASIS is the home for worldwide standards in AI, emergency management, identity, IoT, cybersecurity, blockchain, privacy, cryptography, cloud computing, urban mobility, and other content technologies. Many OASIS standards go on to be ratified by de jure bodies and referenced in international policies and government procurement.

Media Inquiries:...

MENAFN30102025003118003196ID1110271707