Facebook launched a new platform today for companies to share information about security threats and work together to solve them. Called ThreatExchange, it’s a new “social platform designed for sharing indicators like bad URLs and domains.”
Users of ThreatExchange can share data with other companies that use the platform by connecting to its API. It comes with controls that allow users to control what types of data they’re sharing, and who they’re sharing with. That way, if a team knows that another company is facing a similar attack, they can share more detailed information only with them to combat the attackers without having to more broadly reveal information they want to keep quiet.
ThreatExchange is an important effort, since an attacker that discovers a vulnerability will often try to use it against multiple targets rather than just focus on one company. By sharing information through ThreatExchange, users can compare notes and figure out how to better fight back.
The system is an extension of Facebook’s own ThreatData internal database, which the company uses to track and respond to threats against the social network.
So far, Facebook has signed up a number of big names in the tech industry to take part in ThreatExchange, including Dropbox, Tumblr, Yahoo and Twitter. That said, there are a number of major tech and security players missing. Most notably, Facebook hasn’t received participation from Apple, Google or Microsoft.
