Facebook (FB) Launches ThreatExchange to Combat Phishing, Malware, and More

Facebook (NASDAQ: FB) launched ThreatExchange today. The following is from the official website:

Let's Work Together

Tools for sharing security information between organizations don’t work if they are inefficient or too complex. That’s why many teams end up trying to solve the same problems that others have already tackled.

ThreatExchange is a platform created by Facebook that enables security professionals anywhere to share threat information more easily, learn from each other’s discoveries, and make their own systems safer. We included a set of privacy controls so that participants can help protect any sensitive data by specifying who can see the threat information they contribute.

That’s the beauty of working together on security. When one company gets stronger, so do the rest of us.

Why ThreatExchange?

Threats like malware and phishing typically go after multiple targets, and a successful attack at one place usually makes it easier to take over systems elsewhere. We share in each other’s fate.

To be stronger together, we need a more open approach to security with the right tools. That’s how we can most effectively protect people’s accounts, safeguard data, and rid our services of spam and malware.

Early partners for ThreatExchange include Bitly, Dropbox, Facebook, Pinterest, Tumblr, Twitter, and Yahoo. We expect new partners to come on board as the platform grows.

A Better Way to Share

Previous approaches have been challenging. Email and spreadsheets are ad-hoc and inconsistent. It’s difficult to verify threats, to standardize formats, and for each company to protect its sensitive data. Commercial options can be expensive, and many open standards require additional infrastructure.

Faced with these tradeoffs, Facebook suggested an API approach that builds on our internal ThreatData system to create a social platform designed for sharing indicators like bad URLs and domains. We are committed to protecting people’s privacy, and we built controls into the platform to help people share with only their intended group every time. Participants choose from a defined set of data types that exclude categories of sensitive data, and a number of safeguards help ensure that threat data isn’t accidentally shared broadly. This approach makes it easier for an organization that may want to share data that needs to be handled with extra sensitivity—for example, a company might want to share specific information only with another company they know to be experiencing the same attack.

We have a vested interest in making the internet safer and giving people better ways to connect and share. After working with a number of our peer companies to refine the structure and implementation, we are ready to introduce ThreatExchange and see what we can learn from each other.

You May Also Be Interested In

• Cyngn Inc (CYN) Announces Pricing of $5.0 Million Firm Commitment Public Offering of Common Stock
• Apple (AAPL) announces 'Let Loose,' a special online event to be held in May
• HCI Group (HCI) Enters Five-Year Employment Agreement with CEO Patel