Governance
Overview
OpenALBA is maintained by the OpenALBA Working Group under an open governance model. The project is committed to vendor neutrality and community-driven development.
Principles
- Openness: All specification work happens in public
- Consensus: Major changes require working group agreement
- Vendor neutrality: No single vendor controls the specification
- Compatibility: Changes maintain backward compatibility where possible
Decision making process
Specification changes (major)
- Author submits RFC as GitHub pull request
- 14-day community review period
- Working group discussion and iteration
- Consensus approval required (no sustained objections)
- Merge and version bump
Specification changes (minor)
- Author submits pull request with rationale
- 7-day review period
- Two maintainer approvals required
- Merge to specification
Security issues
- Report via security@openalba.org
- Expedited private review (48 hours)
- Coordinated disclosure after fix available
Working groups
| Working Group | Scope | Meeting |
|---|---|---|
| Core Specification | Scoring methodology, baseline algorithms | Bi-weekly |
| Integrations | OpenTelemetry, vendor adapters | Monthly |
| Detection Patterns | New patterns, MITRE mappings | Monthly |
Maintainers
NB
Nathaniel Bobrick
Developer Operations
JC
Jonathon Carlyon
Analytics & Methodology
NS
Nate Schmitz
Security
Get involved
OpenALBA is a small, community-driven project. If you're interested in shaping the specification:
- •Join the discussion on GitHub issues and pull requests
- •Propose changes via the RFC process
- •Share implementation feedback from real-world use
Active participants who demonstrate expertise and good judgment may be invited to join as maintainers.
Code of conduct
All participants in the OpenALBA community are expected to follow the Contributor Covenant Code of Conduct.
Licensing
The OpenALBA specification is released under the Apache License 2.0.
Last updated: 2026-01-31