Threat intelligence sharing has become the "new black" in the world of enterprise security, a trendy buzzword that has become ubiquitous at industry conferences and in vendor marketing pitches. But what exactly is threat intelligence sharing and are we using it effectively to defend against cyberattacks?
While there are many paths available —customer-to-vendor, vendor-to-customer, customer-to-customer, vendor-to-vendor—the core of threat intelligence sharing is typically information gathered from the customer by the vendor in order to help the customer respond to threats or attacks.
+ ALSO ON NETWORK WORLD: Old school antivirus vendors learn new tricks +
Another sharing situation involves this same intelligence being re-purposed by the vendor to produce new and/or improved detection signatures, blocking rules, or other forms of protection. This protection information is used in the vendor’s commercial product or service so it can be leveraged by the vendor’s other customers.
To continue reading this article register now