Facebook intros ThreatData framework to standardize security

ThreatData essentially pools data related to malware, phishing, and other online risks across the Internet for both real-time and long-term analysis.

facebook-profile-shadows

Facebook has unveiled its latest security wall built from the ground up: ThreatData, a framework intended to standardize security research and prevention.

ThreatData essentially pools data related to malware, phishing, and other online risks across the Internet for both real-time and long-term analysis. That information is then routed into Facebook systems to model and map emerging threats for immediate action.

Mark Hammell, a threat researcher at Facebook, posited in a blog post on Tuesday that "a consistent vocabulary is rare" because "every company or vendor uses their own data formats."

Here's an example of how that disconnect has already played out in the corporate world, according to Hammell, and what Facebook engineers and hackers learned thanks to the implementation of ThreatData starting last year:

In a typical corporate environment, a single anti-virus product is deployed to all devices and used as a core defense. In reality, however, no single anti-virus product will detect all threats. Some vendors are great at detecting certain types of malware, while others can detect a wide array of threats but are more likely to mislabel them. We decided we would employ our framework to construct a light-weight set of hashes expressly not detected by our chosen anti-virus product and feed those hashes directly into our custom security event management system. The results have been impressive: We've detected both adware and malware installed on visiting vendor computers that no single anti-virus product could have found for us.

Given the Menlo Park, Calif.-based company's penchant for open source, it's quite possible that Facebook is laying the groundwork for what could be a greater repository for cyber threat information in general—perhaps something that even parallels the continuing stream of information displayed on the News Feed.

Amid the ongoing revelations about the National Security Agency and continuing debate over Internet security and privacy, Facebook has been vocal about its strategy to protect sensitive data, mostly through via in-house developments and engineering.

Just last week , Facebook chief security officer Joe Sullivan sat down with the media at the social network's Silicon Valley headquarters, stressing that Facebook's security strategy starts with fostering a particular knowledge and culture about it within the company first.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All