Facebook Inc. said more than 90 companies now share cybersecurity threat information via its ThreatExchange platform.
Mark Hammell, manager of Facebook’s threat infrastructure team, said in a blog post that companies in the technology, security, insurance, financial services, higher education and defense sectors, as well as Internet Service Providers, have begun sharing threat information on the platform. Participants include Microsoft Corp., Yahoo Inc., PayPal Holdings Inc. and Dropbox Inc.
The social networking company saw 23 additional companies join Thursday after it introduced an easier application process, a spokeswoman said.
The platform now averages more than 3 million shares or requests for information each month. Companies are searching for information about malware families, IP addresses linked to possible cyberattacks and other threat indicators, Facebook said.
The platform is built uses Facebook’s existing infrastructure, including its servers, social graph and privacy policies. Facebook has built APIs that help members share and query available threat information with the ThreatExchange platform. It also has privacy controls so companies can decide who sees the information they publish.
When Facebook launched ThreatExchange in February, it joined a number of organizations building tools that compile threat information from multiple sources and make it easier to share. Hewlett-Packard Co., for example, uses a platform called Threat Central to provide customized threat information, the WSJ reported in April.
Another is Soltra Edge, born out of a partnership between the Depository Trust Clearing Corporation and the Financial Services Information Sharing and Analysis Center. Launched in November, Soltra Edge uses a popular open protocol called STIX and TAXII to standardize and share threat information.
Facebook does not currently support the STIX/TAXII protocol but is working to add it, a spokeswoman said. It hopes to integrate with other information sharing platforms, and is talking with multiple ISAC’s – industry groups that facilitate information sharing — about how they can use ThreatExchange.
It also hopes to bring in other providers of threat analysis tools and incident detection systems. “We’ll be working with several partners to identify the best path forward with product integration,” the blog post said. Facebook declined to name specific partners.
Scott Algeier, executive director of the IT ISAC, whose members include eBay Inc., H-P and Oracle Corp., said his group doesn’t yet use ThreatExchange. But as it seeks to connect to other data feeds through TAXII, Facebook’s platform “is a tool that we will be looking at in more detail in the future.”
Deborah Kobza, executive director and CEO of the national health ISAC, said her CIO has contacted Facebook several times but has yet to receive a response.
One stakeholder – the United States government — is noticeably absent from Facebook’s platform, the Christian Science Monitor reported Thursday. “At this time, government agencies are not participating in ThreatExchange and will not, until there is legislation that clearly defines how information from sharing platforms can be used by these parties,” it quoted Facebook’s Mr. Hammell as saying.
President Barack Obama has called information sharing a pillar of his defense strategy, but effective sharing between government and industry remains very much a work in progress.
View the original content and more from this author here: http://ift.tt/1Lo4Myj
from cyber security caucus http://ift.tt/1h2HfbO
via IFTTT
No comments:
Post a Comment