Facebook unveils platform for exchanging security threat information

Facebook and sever other big Internet and tech companies have banded together to create ThreatExchange, a platform for exchanging security threat information.

“ThreatExchange is built on the existing Facebook platform infrastructure, and we layered APIs on top of it so that partner companies can query the available threat information and also publish to all or a subset of participating organizations,” Mark Hammell, the manager of the Threat Infrastructure team at Facebook, explained in a post.

“Threat data is typically freely available information like domain names and malware samples, but for situations where a company might only want to share certain indicators with companies known to be experiencing the same issues, built-in controls make limited sharing easy and help avoid errors by using a pre-defined set of data fields.”

The idea of this type of exchange was born a little over a year ago, when Facebook, Pinterest, Tumblr, Twitter, and Yahoo had to collaborate and exchange attack information in order to stop a massive botnet-powered malware-slinging campaign that used all of their services to reach as many users as possible.

“Threats like malware and phishing typically go after multiple targets, and a successful attack at one place usually makes it easier to take over systems elsewhere. We share in each other’s fate,” Facebook noted on the exchange’s website.

“Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries, and make their own systems safer,” concluded Hammell.

Aside for the aforementioned companies, Bitly and Dropbox also participate in the ThreatExchange. Other companies have been invited to contribute.