There are days when you have to be thankful IBM is IBM. Seriously.
Conversations about threat sharing to improve cybersecurity abound, including a a start from scratch public threat portal by DHS (if it makes it out of Congress). Seriously? A build from scratch on government bid public security portal?
Then in the midst of all that consternation, uncertainty and doubt, IBM speaks:
IBM Opens Threat Intelligence to Combat Cyber Attacks
IBM (NYSE: IBM) today announced it is making its vast library of security intelligence data available via the IBM X-Force Exchange, a new cyber threat intelligence sharing platform powered by IBM Cloud. This collaborative platform provides access to volumes of actionable IBM and third-party threat data from across the globe, including real-time indicators of live attacks, which can be used to defend against cybercrimes.
…
The need for trusted threat intelligence is greater than ever, as 80 percent of cyber attacks are driven by highly organized crime rings in which data, tools and expertise are widely shared1. Though hackers have mobilized, their targets have not. A majority (65 percent) of in-house cybersecurity teams use multiple sources of trusted and untrusted external intelligence to fight attackers2.
The X-Force Exchange builds on IBM’s tremendous scale in security intelligence, integrating its powerful portfolio of deep threat research data and technologies like QRadar, thousands of global clients, and acumen of a worldwide network of security analysts and experts from IBM Managed Security Services. Leveraging the open and powerful infrastructure of the cloud, users can collaborate and tap into multiple data sources, including:
- One of the largest and most complete catalogs of vulnerabilities in the world;
- Threat information based on monitoring of more than 15 billion monitored security events per day;
- Malware threat intelligence from a network of 270 million endpoints;
- Threat information based on over 25 billion web pages and images;
- Deep intelligence on more than 8 million spam and phishing attacks;
- Reputation data on nearly 1 million malicious IP addresses.
Today, the X-Force Exchange features over 700 terabytes of raw aggregated data supplied by IBM. This will continue to grow, be updated and shared as the platform can add up to a thousand malicious indicators every hour. This data includes real-time information which is critical to the battle against cybercrime.
“The IBM X-Force Exchange platform will foster collaboration on a scale necessary to counter the rapidly rising and sophisticated threats that companies are facing from cybercriminals,” said Brendan Hannigan, General Manager, IBM Security. “We’re taking the lead by opening up our own deep and global network of cyberthreat research, customers, technologies and experts. By inviting the industry to join our efforts and share their own intelligence, we’re aiming to accelerate the formation of the networks and relationships we need to fight hackers."
Open, Automated and Social Threat Sharing
Built by IBM Security, the IBM X-Force Exchange is a new, cloud-based platform that allows organizations to easily collaborate on security incidents, as well as benefit from the ongoing contributions of IBM experts and community members. Since the beta launch of the X-Force Exchange, numerous early adopters have joined the community.
By freely consuming, sharing and acting on real-time threat intelligence from their networks and IBM’s own repository of known threat intelligence, users can identify and help stop threats via:
- A collaborative, social interface to easily interact with and validate information from industry peers, analysts and researchers;
- Volumes of intelligence from multiple third parties, the depth and breadth of which will continue to grow as the platform’s user base grows;
- A collections tool to easily organize and annotate findings, bringing priority information to the forefront;
- Open, web-based access built for security analysts and researchers;
- A library of APIs to facilitate programmatic queries between the platform, machines and applications; allowing businesses to operationalize threat intelligence and take action.
The link? http://xforce.ibmcloud.com. Bookmark it. I suspect we are all going to be spending time there.
Thanks IBM!
I have just logged in and started to explore XForce. Very cool!
PS: I first saw this in a post without the decency to include a link to the press release or the XForce site. Screw that.