Although having very high security, hackers have been found breaching into many systems. Therefore, many tech giants have involved themselves in saving their businesses that run on internet from hacking. And lately, online social networking service giant Facebook has unveiled a security-focused framework called ThreatData, which aims to simplify and standardize its work in this area.
ThreatData essentially pools data related to malware, phishing, and other online risks across the internet for both real-time and long-term analysis. That information is then routed into Facebook systems to model and map emerging threats for immediate action. In other words, ThreatData enables Facebook to configure feeds from (selected) datasets that it believes are important to capture.
In the past, Facebook has used ThreatData to track malicious URLs from blogs and malware tracking sites, its own internal sources and malware files hashes from VirusTotal. ThreatDatums are then routed through Hive and Scuba, two of its existing data repository systems, for short-term and long-term analysis. Facebook then quickly acts upon these threats; for instance, it sends back all malicious URLs to its blacklist in order to better protect regular Facebook users.
Mark Hammell, an internet threat researcher at Facebook said, “The datum is capable of storing not only the basics of the threat but also the context in which it was bad. The added context is used in other parts of the framework to make more informed, automatic decisions. Discoveries and detection capabilities like these are just the tip of the iceberg. We’re constantly finding new ways to improve and extend the ThreatData framework to encompass new threats and make smarter decisions with the ones we’ve already identified.”
If you are interested to know more about ThreatData, hit the link below.