About OpenALBA

OpenALBA is an open specification for detecting behavioral anomalies in distributed systems using observability data.

Mission

OpenALBA aims to standardize how organizations detect behavioral anomalies at the application layer. By providing a vendor-neutral specification, we enable consistent detection methodologies across different observability stacks while allowing organizations to customize risk interpretation for their specific needs.

The specification builds on the foundation of OpenTelemetry for signal collection and integrates with established security frameworks like MITRE ATT&CK for detection pattern classification.

Key principles

  • Vendor neutrality

    The specification is not tied to any commercial product or vendor.

  • Standards alignment

    Built on OpenTelemetry and aligned with NIST and MITRE frameworks.

  • Community driven

    Development happens in the open with community input and governance.

Last updated: 2026-01-31