TREND FOCUS: Crowd and open source in cyber security

By   ISBuzz Team
Writer , Information Security Buzz | Sep 23, 2013 05:52 am PST

It seems, based on recent announcements from the likes of HP and CrowdStrike, that crowdsourcing and open source are really taking off as ways of getting the information security industry sharing the latest cyber threat intelligence. 

This comes as no surprise to Unified Security Management company, AlienVault, who have pioneered this concept.  Open source is something that it has heralded for years and its Open Threat Exchange (OTX) platform was built on the principle that “if I help others, I further my own goals.”

“We welcome this week’s announcement from HP about their Threat Central service.  We see this as further validation of what we’ve known for a long time: Crowdsourcing or open source threat intelligence is the only way organisations have any hope of combating the ‘bad guys’,” said Barmak Meftah, president and CEO of AlienVault and former VP of HP’s Software Security Products division. “With over 8,000 contributors from more than 140 countries sharing threats every day through our Open Threat Exchange, we’ve learned first-hand that being open and collaborative are the essential requirements to sharing and disseminating the comprehensive threat intelligence that no one company could ever collect in isolation.  The era of closed systems and proprietary enterprise solutions to address the security concerns of organisations around the world is over.”

In his blog post, Jaime Blasco, head of research at AlienVault Labs, describes how AlienVault’s free and open Reputation Monitor Alerts work:

“The detection engine uses the threat data our internal systems collect and the information that Alienvault OSSIM and USM users can voluntarily contribute from a wide range of devices in their environment (firewalls, proxies, web servers, anti-virus systems, and intrusion detection/prevention systems). This data is automatically processed, aggregated, validated and enriched. By gathering threat data from a diverse install base, across many industries and countries and companies of all sizes and mixing this with new threat vectors, our engine is able to discover and alert you when one of your assets has been compromised or presents suspicious behaviour.”

For the full post, please visit: