IBM X-Force Exchange

IBM X-Force Exchange - the platform of collective interaction for fight against cyber crime, contains considerable volumes of the summarized information on threats, the recommendations implemented in practice in IBM and other companies, indicators of the attacks in real time.

The X-Force Exchange platform has at the order the considerable volume of the summarized information of IBM on security, including research data and QRadar technologies, knowledge and skills of analysts and experts of division of IBM Managed Security Services. Open highly effective cloud infrastructure helps users to interact with each other, to get access to numerous sources of information.

Screenshot of the program window, 2014

The platform contains:

• one of the largest and complete directories of vulnerabilities in the world;

• information on threats on the basis of results of monitoring within which 15 billion events of security are daily traced;

• summarized information on viruses from 270 million end computing devices;

• summarized information on threats based on more than 25 billion websites and images;

• fundamental knowledge of questions of 8 million spam technologies and phishing attacks;

• data on nearly 1 million harmful IP addresses.

For April 17, 2015 X-Force Exchange - 700 TB raw data provided to IBM. At the same time information volumes will grow, be updated and be shared further because the platform will add each hour up to 1 thousand new indicators about possible threats. Such data arriving in real time are crucial for fight against cyber crime.

according to developers, the IBM X-Force Exchange platform will promote development of cooperation in counteraction to the growing number of cyberthreats of high complexity which the companies face today.

The cloud platform IBM X-Force Exchange created by division of IBM Security will allow the organizations to exchange easily the data connected with incidents in security systems, to have access to articles of experts of IBM and other partners of the platform.

Receiving and exchanging summarized information on threats from own networks or the database of IBM in real time, users can detect and prevent threats by means of:

• user-friendly interface for communication or check of accuracy of the information at colleagues, analysts and researchers;

• the large volume of the summarized information on threats which was provided by the third parties which quantity and quality in the future will only grow due to increase in user base;

• tool kit for easy collecting and classification of results where the most important information is in the foreground;

• open access via the Internet for analysts concerning information security and research associates;

• libraries of program interfaces for simplification of requests between platforms, devices and applications which will allow the enterprises to involve quickly the summarized information and to take measures for fight against threats.

Within the IBM platform will give support of STIX and TAXII which gradually become a standard for the automated collection of information about threats, for easier extraction and information exchange and also a full integration in the existing security systems.

The organizations can interact directly with analysts concerning information security and IBM developers and also colleagues on the industry through the platform on which they can check the detected threats, share finds with other companies fighting against cyber crime.

For example, the programmer can detect the new virus program, having noted it on the platform as "harmful". After that, the analyst on security issues of other company will find this domain in the network and will consult with colleagues and experts for confirmation of its danger. Then, it can block this program for all digital materials of the company, having stopped harmful traffic, and at the same time to notify other participants of the platform on threat. The chief of the department of information security will add this harmful source of traffic to public base on the platform that his colleagues on the industry could constrain and prevent quickly threat before it strikes the systems of other companies.