From AMBER alerts to disaster response, Facebook has fashioned itself as a go-to for all manner of public safety information. Now, amid heightened concerns over cybersecurity, the social giant is rolling out ThreatExchange -- an API-based platform for sharing security threat information.
Inspired by a collaboration with other technology companies, the exchange has been in the works for a little over a year, according to Mark Hammell, manager of the Threat Infrastructure team at Facebook.
“It became clear that what we needed was a better model for threat sharing,” Hammell explains in a new blog post. From tech titans to government policymakers, cybersecurity is presently top of mind.
Like’s Facebook’s other information services, “it was natural for us because our core service is a platform for sharing, and because we already had a threat analysis framework called ThreatData that we could build upon,” Hammell said.
ThreatExchange is built on the existing Facebook platform infrastructure, onto which it layered APIs. Partner companies can query the available threat information, as well as publish to all or a subset of participating organizations.
Normally, security threat data is freely available information, like domain names and malware samples. Yet, for situations where a company might only want to share certain indicators with companies known to be experiencing the same issues, Facebook added built-in controls to make limited sharing possible.
Earlier partner companies included Pinterest, Tumblr, Twitter, and Yahoo, according Hammell. More recent participants include Bitly and Dropbox.
At a White House summit on Friday, the Obama Administration is expected to announce a major executive action on cybersecurity. Among other attendees, Apple CEO Tim Cook is scheduled to speak.