AlienVault has launched a free crowdsourced security service that promises to alert organisations if any of their public IP addresses or domains turn up on hacker forums, shared blacklists or on the firm’s internal reputation database.
Described as a sort of ‘neighbourhood watch’ for participating organisations, the Open Threat Exchange Reputation Monitor Alert Service (to give it its full name) is a publically-accessible equivalent of the Open Threat Exchange (OTX) AlienVault launched in 2012 to share the same data among its own customers.
As an aside, the Open Threat Exchange had now been renamed OTX Reputation Monitor and will be broadened to tie together all of the firm’s internal intelligence-gathering initiatives, the firm said.
In essence this allows firms that are not customers of AlienVault to get SIEM-like alert data that might turn up on the security firm’s Open Source Security Information Management (OSSIM) reputation database, fed to it by paid customers or other sources.
If it works efficiently, it could be an ingenious way to extend some of the benefits of crowdsourcing, although that depends on how likely it is that AlienVault’s data-gathering will record issues on a given set of IP addresses. Signing up for the service takes minutes and requires no software.
“Cyber criminals often use compromised systems to launch attacks against different targets,” said AlienVault CTO, Roger Thornton.
“With a service that harnesses crowd-sourced threat intelligence, we can detect these attacks before damage is done. Our OTX Reputation Monitor Alert leverages the broadest scope of data, sourced from the largest community of SIEM deployments, and is free to all IT and security professionals.”
AlienVault said it would also monitor DNS registration and SSL certificates for submitted domains and IPs.
“Today, we re-launch OTX as an even broader initiative to provide free resources, projects, services and threat intelligence to IT security professionals with the goal to unify efforts to combat the ever-increasing malicious threats that plague organisations,” said AlienVault CEO, Barmak Meftah on the re-launch and expansion of the underlying OTX programme.