Companies Share Cyberthreat Info on New Facebook Platform

When Facebook launched ThreatExchange in February, the idea was to create a platform where companies could share information on potential cyberattacks, malware and other malicious hazards. Now, the Silicon Valley company says that the number of companies on the platform has reached 90, after 23 joined last week when the application process became easier. Facebook, which isn’t alone in offering a platform for centralized cyberthreats, is continuing its work to integrate these other information-sharing platforms.

According to The Wall Street Journal, companies that are now sharing information on ThreatExchange include Microsoft, Yahoo, PayPal and Dropbox. Facebook executive Mark Hammell reports that the companies on the platform come from “the technology, security, insurance, financial services, higher education and defense sectors, as well as Internet Service Providers.”

Facebook_TheatExchange

ThreatExchange, which was built using existing server and social graph infrastructure and APIs, averages 3 million shares or requests for information each month, focused on “malware families, IP addresses linked to possible cyberattacks and other threat indicators.” Facebook offers privacy controls so participating companies can choose who sees their published information.

Facebook isn’t the only company to offer a cybersecurity platform. Hewlett-Packard offers its Threat Central platform, and a partnership of Depository Trust Clearing Corporation and the Financial Services Information Sharing and Analysis Center launched Soltra Edge in November. Facebook doesn’t currently support the open protocol (STIX and TAXII) that Soltra is based on, but is working to add it.

“We’ll be working with several partners to identify the best path forward with product integration,” says a Facebook blog post.

Likewise, an industry group whose members include eBay, Hewlett-Packard and Oracle, says it’s looking into connecting with Facebook’s ThreatExchange. The U.S. government, which is not participating, would require new legislation to do so. “Effective sharing between government and industry remains very much a work in progress,” concludes WSJ.