Facebook's ThreatExchange to share threat intelligence
Facebook has launched ThreatExchange, an API-based clearing house for companies to share threat intelligence with each other.
Launch partners include Pinterest, Tumblr, Yahoo, Bitly and Dropbox and the aim of the platform is to share everything from bad URLs and domains to recommended online safeguards.
The application programming interface (API) builds on Facebook's internal threat system, called 'ThreatData', and partners are able to choose how much data they share and with whom – a handy addition given some of these companies are competitors.
Facebook manager of threat and infrastructure, Mark Hammell says: “Our goal is that organisations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other's discoveries, and make their own systems safer. That's the beauty of working together on security. When one company gets stronger, so do the rest of us.”
Chris Boyd, malware intelligence analyst at Malwarebytes, said in an email to journalists: “There are many ways for dedicated security companies to share data, but a platform where organisations who provide services such as cloud storage, social networking and email, can share threat intel is an intriguing proposition. Given the mainstream penetration of such offerings amongst consumers and businesses nowadays, it could be an interesting way of getting these companies more deeply involved in protecting internet users in general.”
Facebook has now opened up registrations so that other companies can apply to join. This announcement follows just days after the US government proposed a new cyber-intelligence agency, the Cyber Threat Intelligence Integration Center, which would ‘join the dots' between the various federal agencies, when investigating serious attacks such as recent examples at Sony Pictures and Target.