8/13/2023 0 Comments Alienvault threat exchangeThe company has been around since 2007 offering security products aimed at small- to medium-sized businesses (SMBs). It is shooting for general release some time this summer. If customers use the OTX SDK to connect their perimeter security hardware to OTX, that will provide the system with valuable threat information, which participants can then build upon in the social component.Įven though AlienVault is calling this release a Beta, the company is offering open enrollment and will be incorporating new members on a rolling basis. OTX combines the social component with a more automated machine-to-machine feature that connects to any major security product such as firewalls, Russ Spitler, VP of product management at AlienVault said. If you have a domain name identified as malicious, you can locate malware with similar behavior and activity to discover other malicious actors that behave in a comparable manner, he explained. The platform lets you be more interactive than in the prior version by querying the system. “We are lowering the bar for threat intelligence and giving tools to small- and medium-sized business,” he said. ![]() While he expects security professionals will also get involved on OTX, he says IT pros who aren’t security experts can learn a great deal about combating threats by participating in the social part of the platform. “We clean the information, and generate a set of indicators of compromise, any technical piece of information you can use to identify a threat actor such as hash, IP address, etc.”īlasco says this is particularly important in small- and medium-sized businesses which very likely don’t have professional security personnel to monitor and fight these types of attacks. json and other open formats, and extract pertinent information automatically. An IT pro not trained in security threat management might have a difficult time understanding and acting on a security report without this kind of help.įor example, you could upload a security report in PDF format, and the system extracts meaningful information, while gleaning false positives, Blasco said. The platform can also ingest a security report in. Conversely, you could look up information about a suspected attack to learn more about it. This gives others more information to protect their systems against a similar attack. Data doesn’t mean anything, but we created a platform where can use that data, exposing it and using it to create threat intelligence,” Jaime Blasco, vice president and chief scientist at AlienVault, explained.Īrmed with information that someone is attacking your system, you could, for example share the IP address or website where it originated. “We created a portal, a social network where you can create intelligence based on that data. The update provides a social front end that gives members the opportunity to learn more about threats and how to combat them. In the prior version, it simply updated threat information automatically in the background from machine to machine for members who had opted in to this feature. The company bills it as a threat intelligence sharing platform, and the social component it has added in the latest version enables members to discuss security threats on a social network. AlienVault, a cybersecurity firm aimed at SMBs, announced the Beta of Open Threat Exchange (OTX) 2.0.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |