Facebook's ThreatExchange Lets Users Share Threat Information
The new effort builds on Facebook's ThreatData analysis framework to help share information on security threats.Facebook sits at the nexus of the social networking world, and it now wants to be at the nexus of the security threat information world with the ThreatExchange, which was announced today. The ThreatExchange is a platform for sharing security threat information and is enabled by way of an API that lets partners query information and participate. The ThreatExchange builds on Facebook's ThreatData framework that was detailed back in March 2014. "ThreatExchange is built on the regular Facebook Platform infrastructure," Mark Hammell, manager of the Threat Infrastructure team at Facebook, explained to eWEEK. "We added a set of APIs that allow participating companies to both query and publish data they want to investigate or share." Hammell added that Facebook has included a set of metadata and prewritten data fields that help structure and organize the information available on the platform. ThreatExchange users have control over the data they want to share, in an effort to help those who are experiencing similar threats.
While the ThreatExchange is intended to enable collaboration and the sharing of information, Facebook isn't about to allow the platform to provide attackers with more information either. Hammell explained that the ThreatExchange is currently open to only a set of preapproved partners, which include Bitly, Dropbox, Facebook, Pinterest, Twitter, Tumblr and Yahoo.