Facebook builds platform for companies to share cybersecurity threat data

Members of the platform will be able to query and upload data about the attacks they had to deal with

Facebook has built a platform where organizations can share information about the security threats they face in order to better fend off cyberattacks.

The need for increased sharing of threat data between companies or between the private sector and government has been a hot topic at cybersecurity conferences in recent years.

Security vendors have long had private channels for sharing such data among themselves, but this form of collaboration has limits, because, after all, many of them are competitors and have business models built around providing security intelligence to customers as a service.

Some companies also share information about attacks through dedicated industry groups, but this leaves them blind to attacks on companies in other industries that could later affect them too.

Facebook unveiled the new platform, ThreatExchange, on Tuesday. The idea behind it was born over a year ago when several Internet companies, including Facebook, were trying to stop a botnet that was abusing their services to send spam.

"We quickly learned that sharing with one another was key to beating the botnet because parts of it were hosted on our respective services and none of us had the complete picture," said Mark Hammell, manager of the Threat Infrastructure team at Facebook, in a blog post Wednesday. "During our discussions, it became clear that what we needed was a better model for threat sharing.

ThreatExchange is built on Facebook's existing infrastructure and provides companies with APIs (application programming interfaces) for querying or uploading new threat data. This information includes malicious domain names, malware samples and other indicators of compromise.

There are also control mechanisms built into the platform that allow companies to only share certain information with select groups of organizations, for example those that experience the same issue, Hammell said.

Twitter, Yahoo, Tumblr and Pinterest were early participants in the program and tested the platform as it was being developed. Box and Bitly have joined more recently and Facebook hopes that other companies will soon express their interest in participating.

Organizations that wish to join the beta program can fill out a form on the ThreatExchange site.

The goal is for organizations around the world to use ThreatExchange in order to learn from each other and make their systems safer, Hammel said. "That's the beauty of working together on security. When one company gets stronger, so do the rest of us."

Join the CSO newsletter!

Error: Please check your email address.

Tags securityTumblrtwitterBoxdata protectionBitlyFacebookDetection / preventionPinterestintrusionYahoo

More about FacebookYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place