Attacks/Breaches
2/21/2014
03:43 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

IID Launches ActiveTrust Cyber Threat Sharing And Collaboration Network

Dozens of Major Enterprises and Government Agencies Quickly Adopt Platform to Control and Coordinate the Latest Cybersecurity Intelligence

TACOMA, Wash.– February 11, 2014 – IID, securing the Internet with shared cyber intelligence, today announced the general availability of ActiveTrust--the platform government agencies and enterprises are leveraging to confidently exchange threat intelligence and coordinate response between organizations. ActiveTrust accelerates big collaboration for actionable security intelligence by giving organizations a better way to get the security information they need; creating a dynamic, aligned and private community of security peers.

The ActiveTrust platform consists of three elements: a controlled intelligence exchange so participants can confidently share the latest threat information; a robust data layer for fast integration of feeds, apps, analytics and services; and a broad-based social collaboration network for coordination and insight between organizations. Dozens of Fortune 500 companies and U.S. government agencies are already benefitting from ActiveTrust's hundreds of contributing sources to power their existing security infrastructure, helping them stay ahead of--and take action against--the latest cyberthreats. This collaborative approach means enterprises and government agencies can increase the scope, quality and timeliness of their cybersecurity efforts, while freeing up valuable human resources.

"Much like cybercriminals have leveraged intelligence exchanges to carry out their attacks, ActiveTrust provides the 'good guys' with their own sharing networks to gather information vital to fending off attacks," said IID CEO Lars Harvey. "IID has spent more than ten years making connections between organizations to secure their networks, so it's only logical that we are launching a threat exchange platform that makes it faster, easier and more efficient than ever for organizations to identity and defend themselves against cyberattacks."

The ActiveTrust Platform allows:

Controlled Exchange

ActiveTrust members are prescreened and agree to a common set of rules for confidentiality and information usage--enabling everyone to exchange intelligence with confidence. The threat exchange platform includes robust data governance controls, so members can dictate what, where, when and with whom they share--even anonymously.

Efficient Intelligence Delivery

ActiveTrust takes disparate sources of data in various formats and standardizes it, offloading the work needed to translate data and making the intelligence instantly actionable. By plugging actionable data into whatever gear organizations have, every existing security investment becomes more valuable and powerful.

Broad-Based Collaboration Made Easy

Participation in ActiveTrust gives security professionals instant access to a wealth of data from an unprecedented breadth of allies and peers in the security ecosystem. As importantly, ActiveTrust members have the ability to share insights and discuss best practices through various features on ActiveTrust's social network, Hub.

Despite the growing danger posed by cybercrime, information vital to stemming the tide has been highly fragmented until ActiveTrust. Pockets of data about threat activity have been siloed within the repositories of individual enterprises, government organizations, vendor networks and research institutions. Furthermore, traditionally, threats have been shared between organizations and peers via email. But prognostications, with IID leading the way, have this approach changing.

Craig Lawson and Rob McMillan from Gartner, Inc., the world's leading information technology research and advisory company, wrote in the "Technology Overview for Machine-Readable Threat Intelligence" report; "By year-end 2016, 'threat intelligence broker' offerings will emerge, providing machine-readable threat intelligence from multiple sources to an array of technical security controls, independent of vendor."

For more details about ActiveTrust, go to www.internetidentity.com/activetrust/ and www.internetidentity.com/activetrust-hub/.

About IID

IID is a cybersecurity company that provides the platform to easily exchange cyber threat intelligence between enterprises and governments. Top financial firms, the largest government agencies, and leading e-commerce companies, social networks and ISPs leverage IID to detect and mitigate threats. IID was founded in 1996. The company is headquartered in Tacoma, Washington. For more information about IID, go to www.internetidentity.com.

###

Andrew Goss | Program Director

VOXUS PR for IID

agoss@voxuspr.com

o: 253.444.5446

m: 206.909.9212

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0607
Published: 2014-07-24
Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

CVE-2014-1419
Published: 2014-07-24
Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

CVE-2014-2360
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

CVE-2014-2361
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

CVE-2014-2362
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.