The open source threat intelligence platform can now scan log files to find compromised systems
Open source security expert AlienVault has launched a new version of its Open Threat Exchange (OTX) platform, which offers free, real-time intelligence on most known security issues.
The platform now includes a tool called ThreatFinder, which enables companies to upload any log file for analysis. AlienVault says ThreatFinder could be especially beneficial to SMBs, which frequently have to operate on a very tight budget.
AlienVault maintains the world’s largest crowd-sourced threat intelligence database. OTX was initially launched in 2012 to share the anonymised data the company collects from its users through the Open Source Security Information Management (OSSIM) product. This benefits other AlienVault users, as well as the wider community.
OTX is vendor agnostic, can gather intel from any security device and doesn’t cost a penny. AlienVault makes its money through sales of its enterprise OSSIM platform, which offers better scalability, comprehensive logging and report writing facilities, built-in redundancy and other premium features.
The company says that since its release, OTX has attracted more than 8,000 contributors from 140 countries, and more than 17,000 threat data updates are made on the system every day.
The new version of the open source platform delivers automatic alerts on communications related to known malicious hosts. It also offers an interactive threat map that charts all of the countries an organisation’s systems are communicating with, and the map now includes additional ‘drill down’ capabilities.
Finally, the ThreatFinder service enables security professionals to quickly and easily analyse their network ecosystems for compromised systems and malicious communications.
“In today’s evolving threat landscape, it has become more of a challenge for organisations, particularly those in the mid-market, to detect where the true threats lie without tapping into a broader and often already-stretched IT budget,” said Russ Spitler, VP of Product Strategy at AlienVault.
“By offering this capability as a free tool, AlienVault helps organisations gain greater visibility into their networks and makes existing IT resources more effective in rapidly detecting and responding to threats.”