Facebook has launched a new website that allows companies to exchange security threat information. The website, ThreatExchange, is an API-based platform that companies can use to investigate any available threat information.
The social giant already has some large companies on board whilst still only in the testing phase. Pinterest, Tumblr and Yahoo have already participated in the information exchange, with Bitly and Dropbox recently joining the community.
The project was originally theorised a year ago after an informal meeting between tech companies was arranged to discuss solutions to a botnet that was spreading a malware-based spam attack. For Facebook the project is about driving an economy of scale in security investigations:
‘Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries, and make their own systems safer,’ said Mark Hammell, manager of threat infrastructure on the companies blog. ‘That’s the beauty of working together on security. When one company gets stronger, so do the rest of us.’
The platform is taking expressions of interest from the security community and will be looking to grow its participation numbers. The project is just one of the solutions that private enterprises have for tackling growing online security threats.
As Hammell’s blog alludes to, threat data around domains and malware is freely available for exchange. ThreatExchange will allow companies to share certain indicators with other companies who are experiencing the same issues:
‘Built-in controls make limited sharing easy and help avoid errors by using a pre-defined set of data fields.’
You may also like: