Facebook on Wednesday launched a new platform
called ThreatExchange for security professionals to exchange information about
cyberthreats with greater ease.
Doing what it
does best, Facebook has created a platform — or a mini-social network, if you
will — but this time for cybersecurity specialists. The concept is that
researchers and professionals can learn from each other, and help keep
everyone's systems safer.
"Our goal
is that organizations anywhere will be able to use ThreatExchange to share
threat information more easily, learn from each other's discoveries, and make
their own systems safer," Mark Hammell, Facebook's manager of threat
infrastructure, wrote in a blog post announcing the
project.
Security
threats aren't typically relegated to just one target, and the lack of
communication between malware targets ends badly for everyone, according to
ThreatExchange. So far, some pretty big-name Internet players have joined
Facebook on ThreatExchange, including Bitly, Dropbox, Pinterest, Tumblr,
Twitter and Yahoo. The platform expect to attract more partners as time goes
on.
ThreatExchange characterizes previous means of
communication between professionals as "inconsistent" and
"difficult,"
ThreatExchange
characterizes previous means of communication between professionals as
"inconsistent" and "difficult,", typically resigned to
emails or spreadsheets. The new platform builds on Facebook's ThreatData, a framework
that stores cyberthreat information (such as bad URLs) for analysis by security
pros.
The idea for
ThreatExchange came about a year ago, when Facebook and others were facing a
malware spam attack. The social network's security specialists "quickly
learned that sharing with one another was key to beating" the problem,
Hammell wrote.
To quell any
fears that potential partners may have about sharing too much information
publicly, Facebook said participants can tweak settings to pick and choose with
whom they share their information. For example, a company may only want to
share sensitive data with another partner that is experiencing the same attack.
Currently,
ThreatExchange is in beta, but for those interested in participating, there's a
sign-up form over on its website.
"That's
the beauty of working together on security," Hammell wrote. "When one
company gets stronger, so do the rest of us."
EmoticonEmoticon