The Internet can be a dangerous place these days. Victims are being infected through compromised websites, malicious ads and targeted campaigns that even the most seasoned security professional could fall victim to. Now more than ever, it’s imperative that companies find a way to share cyber threat data to protect themselves. RiskIQ believes in this mission and is excited to announce that high value cyber threat indicators from RiskIQ's collection of malvertising and other web-based attack activity will now be available to all members of Facebook’s ThreatExchange.
Every day, RiskIQ performs millions of web crawls in order to identify malicious activity on digital assets outside the perimeter. Each crawl produces hundreds of data points that provide the necessary context to defenders and our in-house research team in order to surface malicious activity.
“One of the most important things to help protect users is to quickly share data, in an efficient and actionable way.” --James Pleger, director of research at RiskIQ
The addition of data related to exploit kits, hijacked websites and malicious traffic distribution infrastructure to Facebook’s ThreatExchange will give members the edge to combat malvertising threats, ransomware and other criminal-based attacks without spending time doing the research. Each of these cyber threat types affect organizations on the Internet broadly, with attackers capable of penetrating perimeter controls and leveraging tactics that scale attacks beyond traditional defensive measures. All indicators contributed to the exchange will be marked under TLP: GREEN and will include a description detailing additional context.
RiskIQ believes it’s possible to create a safer Internet experience and sharing is a key step in making that happen. We will continue to share any capability enhancements in mobile, social and other areas through ThreatExchange and PassiveTotal.