Security Experts:

AlienVault Launches Community Powered, Open Threat Intelligence Exchange

AlienVault, the company behind open source SIEM, OSSIM, today launched AlienVault Open Threat Exchange™ (AV-OTX), a platform where OSSIM users and AlienVault customers can share threat intelligence data and improve their organization's cyber situational awareness.

Free for any OSSIM user or AlienVault customer who chooses to participate, AV-OTX scrubs, aggregates, validates and publishes threat data coming in from the wide range of security devices across a community of OSSIM and AlienVault deployments. For example, if an AV-OTX community member experiences an attack, and alert can be sent through the exchange to notify the entire community and help them better prepare for or manage a similar attack.

Open Threat ExchangeThe company said that AV-OTX currently has threat data streaming from more than 18,000 OSSIM and AlienVault deployments around the globe, from a broad variety of security devices including firewalls, proxy servers, web servers, anti-virus systems, intrusion detection and prevention systems, among others.

But with a large community of users, it’s possible that false alarms and invalid or inaccurate data could make its way into the platform, so AlienVault has added some measures to help ensure the data is looked over before making its way into the exhange. Researchers at AlienVault Labs review and validate threat data to help ensure that only the most accurate and actionable intelligence is published to the threat exchange.

In January, AlientVault researchers were credited with finding a new strain of Sykipot malware targeting ActivIdentity’s ActivClient, which is used by the U.S. Department of Defense as a secure means of authentication.

“The OSSIM community is spread among many industries and countries, and is composed of organizations of all sizes,” said AlienVault CTO Roger Thornton. “Our Open Threat Exchange delivers on our mission of harnessing collective intelligence for the common good by providing the broadest scope of threat intelligence data, sourced from the largest community of SIEM deployments, freely to anyone who contributes.”

Related Reading: Threat Sharing - A Necessary Defense Strategy

Related Reading: Intelligence Sharing Key in Cybersecurity Arms Race, Experts Say

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.