AlienVault, the company behind open source SIEM, OSSIM, today launched AlienVault Open Threat Exchange™ (AV-OTX), a platform where OSSIM users and AlienVault customers can share threat intelligence data and improve their organization’s cyber situational awareness.
Free for any OSSIM user or AlienVault customer who chooses to participate, AV-OTX scrubs, aggregates, validates and publishes threat data coming in from the wide range of security devices across a community of OSSIM and AlienVault deployments. For example, if an AV-OTX community member experiences an attack, and alert can be sent through the exchange to notify the entire community and help them better prepare for or manage a similar attack.
But with a large community of users, it’s possible that false alarms and invalid or inaccurate data could make its way into the platform, so AlienVault has added some measures to help ensure the data is looked over before making its way into the exhange. Researchers at AlienVault Labs review and validate threat data to help ensure that only the most accurate and actionable intelligence is published to the threat exchange.
In January, AlientVault researchers were credited with finding a new strain of Sykipot malware targeting ActivIdentity’s ActivClient, which is used by the U.S. Department of Defense as a secure means of authentication.
“The OSSIM community is spread among many industries and countries, and is composed of organizations of all sizes,” said AlienVault CTO Roger Thornton. “Our Open Threat Exchange delivers on our mission of harnessing collective intelligence for the common good by providing the broadest scope of threat intelligence data, sourced from the largest community of SIEM deployments, freely to anyone who contributes.”
Related Reading: Threat Sharing – A Necessary Defense Strategy
Related Reading: Intelligence Sharing Key in Cybersecurity Arms Race, Experts Say