Open Threat Exchange brings a community approach to fighting attacks
Combating cyber threats effectively means having fast access to information about the latest attacks so that you can respond quickly.
Security management company AlienVault is taking a community approach to this with the launch of an updated version of its Open Threat Exchange (OTX), based on social sharing technology.
Available in beta since April this year, the latest OTX enables security practitioners from around the world to openly research and collaborate on emerging threats, correlate data better and quickly implement that threat data into their own security systems, including AlienVault's Unified Security Management (USM) v5.1, which is also generally available today.
Since its launch in 2012 OTX has grown to have more than 26,000 participants in over 140 countries that contribute more than one million threat indicators daily. Powered by a big data platform it combines natural language processing and machine learning to automate the collection and correlation of threat data from a variety of sources. The latest version of OTX contains thousands of threats, or pulses, created by participants. Each OTX pulse provides users with a summary of the threat, a view into the software targeted and the related indicators of compromise (IoC) that can be used to spot attacker activity and detect threats from IP addresses, domains, malware samples, emails and file hashes.
"We created the Open Threat Exchange on a core belief of strength in numbers," says Barmak Meftah, president and CEO of AlienVault. "It has been shown time and time again, that if we work together as a community and freely share threat information and resources we can identify attacks sooner and react quicker, before they become devastating breaches. A collaborative defense is the only way to get ahead of the attackers. Security wins when we go on the offensive".