Facebook's ThreatExchange Lets Users Share Threat Information

By Sean Michael Kerner  |  Posted 2015-02-11 Print this article Print
Facebook ThreatData

The new effort builds on Facebook's ThreatData analysis framework to help share information on security threats.

Facebook sits at the nexus of the social networking world, and it now wants to be at the nexus of the security threat information world with the ThreatExchange, which was announced today.

The ThreatExchange is a platform for sharing security threat information and is enabled by way of an API that lets partners query information and participate. The ThreatExchange builds on Facebook's ThreatData framework that was detailed back in March 2014.

"ThreatExchange is built on the regular Facebook Platform infrastructure," Mark Hammell, manager of the Threat Infrastructure team at Facebook, explained to eWEEK. "We added a set of APIs that allow participating companies to both query and publish data they want to investigate or share."

Hammell added that Facebook has included a set of metadata and prewritten data fields that help structure and organize the information available on the platform. ThreatExchange users have control over the data they want to share, in an effort to help those who are experiencing similar threats.

While the ThreatExchange is intended to enable collaboration and the sharing of information, Facebook isn't about to allow the platform to provide attackers with more information either. Hammell explained that the ThreatExchange is currently open to only a set of preapproved partners, which include Bitly, Dropbox, Facebook, Pinterest, Twitter, Tumblr and Yahoo.

"We are asking for interest and input from the community, and over time we will carefully expand the group to help ensure the platform grows while maintaining its utility for the participants," Hammell said. "In the future, we are also interested in determining whether we could potentially share certain types of non-sensitive data with anyone."

Facebook is no stranger to security threats and has taken multiple steps over the course of the last year to improve security. In October 2014, Facebook announced an effort to help protect its users from the risk of breaches at other sites. Typically, many users will reuse passwords on multiple sites, and the Facebook effort looks at public dumps of password disclosures to help identify any of its own impacted users.

Facebook also has partnerships with a number of security vendors, including ESET, F-Secure and Trend Micro, that provide free malware scanning to users.

Rounding out Facebook's security efforts is its bug bounty program, which rewards researchers for disclosing security flaws. Facebook has paid out more than $3 million in security awards to researchers since it started its bug bounty program in 2011.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel