Collective defense helps security professionals collaborate against cyber crime
To be effective in fighting cyber crime it's important that businesses are able to share intelligence effectively.
Endpoint security company Carbon Black is enabling this with its new Detection eXchange, a collective defense ecosystem which will enable thousands of security professionals to collaborate against hackers and prevent cyber attacks.
Through the Detection eXchange, Carbon Black customers and partners can collaborate and share 'Patterns of Attack' (POA), threat intelligence encompassing the specific series of behaviors attackers use to compromise systems. These patterns include the root causes of attacks -- such as exploits or vulnerabilities -- and are far more expensive for an adversary to change than Indicators of Compromise (IOC).
Once POAs are identified in the Detection eXchange, they can be turned on as watchlists within the Carbon Black Security Platform to automatically detect when malicious behavior occurs in an enterprise environment. This sharing system makes the collective knowledge of top security experts available to every community member.
"Simply put, the more attackers attack, the stronger we become as a community via the Detection eXchange," says Carbon Black's chief technology officer Michael Viscuso. "No organization should have to battle adversaries alone. In uniting the cyber-security community, we are empowering businesses to benefit from threat intelligence previously reserved for only those teams with mature security programs".
A part of its commitment to the security community, Carbon Black has publicly published its APIs and open-sourced all of its third-party integrations. "Historically, vendors have only worked together when it's advantageous to a company's bottom line," Viscuso adds. "That self-serving approach no longer works. Customers should not be locked into a single security platform that doesn’t allow for integration with best-of-breed security at every layer of the stack. We welcome anyone in the security industry to access our APIs".
Technical information on using the APIs is available via the Carbon Black Developer Network.
Image Credit: Tischenko Irina / Shutterstock