03:43 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly

IID Launches ActiveTrust Cyber Threat Sharing And Collaboration Network

Dozens of Major Enterprises and Government Agencies Quickly Adopt Platform to Control and Coordinate the Latest Cybersecurity Intelligence

TACOMA, Wash.– February 11, 2014 – IID, securing the Internet with shared cyber intelligence, today announced the general availability of ActiveTrust--the platform government agencies and enterprises are leveraging to confidently exchange threat intelligence and coordinate response between organizations. ActiveTrust accelerates big collaboration for actionable security intelligence by giving organizations a better way to get the security information they need; creating a dynamic, aligned and private community of security peers.

The ActiveTrust platform consists of three elements: a controlled intelligence exchange so participants can confidently share the latest threat information; a robust data layer for fast integration of feeds, apps, analytics and services; and a broad-based social collaboration network for coordination and insight between organizations. Dozens of Fortune 500 companies and U.S. government agencies are already benefitting from ActiveTrust's hundreds of contributing sources to power their existing security infrastructure, helping them stay ahead of--and take action against--the latest cyberthreats. This collaborative approach means enterprises and government agencies can increase the scope, quality and timeliness of their cybersecurity efforts, while freeing up valuable human resources.

"Much like cybercriminals have leveraged intelligence exchanges to carry out their attacks, ActiveTrust provides the 'good guys' with their own sharing networks to gather information vital to fending off attacks," said IID CEO Lars Harvey. "IID has spent more than ten years making connections between organizations to secure their networks, so it's only logical that we are launching a threat exchange platform that makes it faster, easier and more efficient than ever for organizations to identity and defend themselves against cyberattacks."

The ActiveTrust Platform allows:

Controlled Exchange

ActiveTrust members are prescreened and agree to a common set of rules for confidentiality and information usage--enabling everyone to exchange intelligence with confidence. The threat exchange platform includes robust data governance controls, so members can dictate what, where, when and with whom they share--even anonymously.

Efficient Intelligence Delivery

ActiveTrust takes disparate sources of data in various formats and standardizes it, offloading the work needed to translate data and making the intelligence instantly actionable. By plugging actionable data into whatever gear organizations have, every existing security investment becomes more valuable and powerful.

Broad-Based Collaboration Made Easy

Participation in ActiveTrust gives security professionals instant access to a wealth of data from an unprecedented breadth of allies and peers in the security ecosystem. As importantly, ActiveTrust members have the ability to share insights and discuss best practices through various features on ActiveTrust's social network, Hub.

Despite the growing danger posed by cybercrime, information vital to stemming the tide has been highly fragmented until ActiveTrust. Pockets of data about threat activity have been siloed within the repositories of individual enterprises, government organizations, vendor networks and research institutions. Furthermore, traditionally, threats have been shared between organizations and peers via email. But prognostications, with IID leading the way, have this approach changing.

Craig Lawson and Rob McMillan from Gartner, Inc., the world's leading information technology research and advisory company, wrote in the "Technology Overview for Machine-Readable Threat Intelligence" report; "By year-end 2016, 'threat intelligence broker' offerings will emerge, providing machine-readable threat intelligence from multiple sources to an array of technical security controls, independent of vendor."

For more details about ActiveTrust, go to and

About IID

IID is a cybersecurity company that provides the platform to easily exchange cyber threat intelligence between enterprises and governments. Top financial firms, the largest government agencies, and leading e-commerce companies, social networks and ISPs leverage IID to detect and mitigate threats. IID was founded in 1996. The company is headquartered in Tacoma, Washington. For more information about IID, go to


Andrew Goss | Program Director


o: 253.444.5446

m: 206.909.9212

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-25
The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

Published: 2014-10-25
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

Published: 2014-10-25
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force a...

Published: 2014-10-25
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

Published: 2014-10-25
CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.