The OTX community has grown rapidly since its initial launch four years ago. It now has more than 37,000 participants in 140 countries, who contribute over 3 million threat indicators daily. Of these, more than 10,000 members are actively collaborating in the new OTX portal, which was introduced in August 2015. Modeled on social sharing technologies, OTX enables security practitioners from around the world to research and collaborate on emerging threats, and they may use the shared data in the exchange to update their own security systems. AlienVault USM customers automatically receive the threat intelligence of OTX through the USM console, enabling rapid detection of the latest threats. “When we introduced OTX in 2012, we changed the way IT departments consume threat intelligence by offering an open, collaborative network for practitioners and researchers to openly share threat intelligence,” said Russ Spitler, vice president, product strategy at AlienVault. “AlienVault was the first and only vendor to take this step and start providing the free services and tools that enable everyone in the OTX community to contribute their own threat data, and in return, get access to everyone else’s threat data. This exchange allows for a crowd-sourced, open and collaborative forum that can get threat intelligence from around the world from actual victims of attacks, which is an invaluable benefit for OTX users.”
With this new release, OTX has enhanced the ability of the community to collaborate. Each OTX participant can now contribute their own knowledge about emerging threats to improve the ability of the community to effectively detect and respond to them. OTX members can now submit edits and other relevant data such as additional indicators of compromise (IOCs) to help improve the clarity and accuracy of the data, resulting in a more actionable threat stream. Threat data is also anonymized so that users and pulse submitters can protect their identity. In addition, OTX members are now able to use the DirectConnect API to pull the latest threat data directly into the tools they have deployed in their network such as TAXII, BRO-IDS, OSSIM, MISP, LOKI and Suricata. For USM customers, AlienVault analyzes OTX threat data, writes correlation rules and directives and provides those updates automatically through the USM platform, a unique service that no other vendor provides.