Cyber Threat Alliance

Cyber Threat Alliance

At RSA Conference 2017, the Cyber Threat Alliance announced the next phase in its evolution.

  • Cyber Threat Alliance formally incorporates.
  • Founding members, including McAfee, invest in Cyber Threat Alliance.
  • New automated threat intelligence sharing platform.
Read Press Release Read Blog

Threat Intelligence Sharing

Improve protection against cyberattacks through shared threat intelligence

Threat intelligence is curated information about an existing or emerging cyberthreat that can be distributed for the purpose of improving defenses against a specific attack. Going beyond IP addresses, hashes, and other core threat identifiers, threat intelligence provides critical context around a threat activity, including indicators of compromise (IoC), indicators of attack (IoA), the tactics employed, and, potentially, the motivation and identity of the adversary. Through leadership within the threat intelligence sharing community and by developing technologies that more easily share and use threat intelligence, we help customers better identify and stop attacks.

Learn About Threat Intelligence Sharing

Webcast: The Rise of Threat Intelligence Sharing

Learn about threat intelligence sharing laws, the sharing ecosystem, and our leadership within that community.

Webcast: IT@Intel: Information

Intel Corporate IT discusses how threat intelligence sharing helps protect Intel.

Podcast: Inside IT-Sharing Cyber-Threat Information

Intel Corporate IT discusses its perspective on threat intelligence sharing and using it to minimize digital information risk.

McAfee Labs Threats Report: March 2016

McAfee Labs researchers present results from primary market research around threat intelligence sharing.

Our Threat Intelligence Sharing Technologies and Alliances

OpenDXL

Enables security devices to share intelligence and orchestrate security operations in real time.

McAfee Threat Intelligence Exchange

Combines multiple threat information sources and instantly shares this data out to all connected security products.

McAfee Global Threat Intelligence

Collects threat activity from millions of sensors worldwide and an extensive research team, and makes it instantly available to all connected security products.

Solution Brief: Operationalizing Threat Intelligence

Learn how to integrate threat intelligence with McAfee solutions.

Webcast: Operationalize Threat Intelligence

This technical webcast shows how to use threat intelligence in McAfee products.

Cyber Threat Alliance

Cyber Threat Alliance

An alliance of leading cybersecurity solution providers—including McAfee—have come together to share threat intelligence on advanced attacks, their motivations, and the tactics of the malicious actors behind them.

Threat Intelligence Sharing Standards and Government Initiatives

Standards


TAXII,™ the Trusted Automated eXchange of Indicator Information
A set of services and message exchanges, enabling automated and secure sharing of cyberthreat information.

STIX,™ the Structured Threat Information eXpression
A structured exchange format used to convey specific cyberthreat information.

CybOX,™ the Cyber Observable eXpression
A language for encoding “cyber observables,” providing a standardized representation of facts in the cyber domain.

Government Initiatives


U.S. Cybersecurity Information Sharing Act of 2015 (S.754)
A U.S. federal government law that allows for the sharing of threat intelligence information.

U.S. Executive Order 13691—Commission on Enhancing National Cybersecurity
A U.S. presidential executive order forming a commission chartered to make recommendations to strengthen cybersecurity.

Information Sharing and Analysis Organization (ISAO) Standards Organization
Chartered to identify a common set of voluntary standards or guidelines for the creation and functioning of ISAOs, leading to more consistent sharing alliances.

US-CERT—Automated Indicator Sharing (AIS) Tool
Enables the exchange of cyberthreat indicators between the U.S. federal government and the private sector at machine speed.