RiskIQ Makes Facebook ThreatExchange Data Accessible within PassiveTotal
SAN FRANCISCO, USA & LONDON, UK, Dec. 2, 2015 – RiskIQ, the leading security company defending organisations from threats beyond the perimeter, today announced that its PassiveTotal threat infrastructure analysis product will provide a visual front end for Facebook’s ThreatExchange. With this integration, RiskIQ customers have the option to centralise data from ThreatExchange alongside critical data sets such as passive DNS, WHOIS, and SSL Certificates within PassiveTotal to accelerate security investigations and automate the sharing of findings with the community.
“Sharing threat intelligence, whether it’s private sharing of attack campaigns, long-form reports on threat actors or just public lists of indicators, is the most effective way for organisations to pre-empt and protect themselves from attacks,” said Elias Manousos, CEO of RiskIQ. “We believe the process of sharing should occur without friction and that’s why we’ve added full integration of Facebook’s ThreatExchange within the PassiveTotal platform. We are also sharing data from RiskIQ researchers with ThreatExchange to further arm the community with actionable intelligence.”
To automate intelligence sharing with the ThreatExchange community, PassiveTotal allows users to set global controls on how, with whom and what data is shared. Once the initial configuration is complete, users can simply begin searching within PassiveTotal much like they normally would. When data related to a search is found within ThreatExchange, PassiveTotal will display a tab and show the specific data along with who submitted it into the exchange. Additionally, when available, PassiveTotal will automatically extract details such as tags or the status of an indicator, including malicious, suspicious, etc.
For real-time sharing, PassiveTotal can be configured to automatically add findings to ThreatExchange as investigations are being conducted. For example, a group of individuals that know and trust each other can instantly work as an ad-hoc team to help protect their peers’ organisations while they are protecting their own company. The addition of ThreatExchange to the PassiveTotal platform can facilitate larger, inter-company intelligence sharing efforts that previously would only be performed through email, if at all.
PassiveTotal with ThreatExchange integration is available immediately. RiskIQ threat data is publicly available in ThreatExchange under a TLP GREEN designation.
RiskIQ provides organisations the visibility and intelligence they need to secure their Enterprise Digital Footprint and to map their Adversaries’ infrastructure. RiskIQ products, powered by a global proxy network, virtual user technology and threat analysis engine, allow organisations to get an actionable and timely picture of both their own and their adversaries infrastructure to proactively defend against threats targeting their websites, mobile applications, brands, customers, and employees. Leading financial institutions, insurance providers and consumer as well as B2B brands use RiskIQ to protect themselves and their users from code level threats, malware, phishing, social media attacks and fraud. RiskIQ is headquartered in San Francisco and backed by growth equity firms Summit Partners and Battery Ventures. To learn more about RiskIQ, visit http://www.riskiq.com/.
Atomic PR for RiskIQ
+44 (0)207 025 7507