New features in OTX enhance collaboration and sharing of threat intelligence

May 11, 2016 | Russ Spitler

Today we have released two major new features in Open Threat Exchange (OTX). For those of you who have not yet signed up – OTX is an open community that allows you to get updates related to the latest threats as well as collaborate with other security professionals to research and report activity you observe in your environments. AlienVault USM customers automatically receive the threat intelligence of OTX through the USM console, enabling rapid detection of the latest threats. We hope that the new features today open up a whole new way for you to participate in and benefit from OTX.

Embedded Pulses – on any pulse you can now select ‘Embed’ to generate a JavaScript snippet to embed the pulse on your website or blog. This will allow your readers to easily download the included IOCs in CSV format. If they are OTX users and logged in, they will also be able to subscribe or download in OpenIOC or STIX format. We hope this gives your visitors a new way to interact with the research you publish, or gives you a new way to point visitors to OTX with a little more visibility.

Expanded API – we have greatly expanded the functionality exposed through the API. With this release, you will now be able to create a pulse, search for pulses and indicators, and get the details of an indicator, as well as some additional functionality. (Pulses are collections of indicators of compromise related to a specific threat.) Our SDKs are all updated to support these new functions – we look forward to seeing what you build!

We are excited to introduce this functionality and hope it is useful – as always please let us know if you have any ideas/comments/suggestions at

Russ Spitler

About the Author: Russ Spitler

Russell Spitler brings over a decade of experience building products and startup companies that secure companies across the globe. Russ currently serves as the AVP of Products at AT&T Cybersecurity where he is responsible for cybersecurity product strategy and the execution of the cybersecurity product roadmap that has resulted in the acquisition of over 7,000 commercial customers and over 20,000 open source users during his tenure. Russ was also one of the founders and a driving force behind AlienVault's Open Threat Exchange, a crowd-sourced threat intelligence community with over 100,000 active users from more than 140 countries. His leadership and focus on practical and effective threat detection have helped establish AlienVault's open-source and commercial products as an undisputed industry leader. Prior to AT&T, Russell served in engineering and product management roles at Fortify Software. Russ was instrumental in developing and maturing the Fortify product suite that dominated the application security testing market, earning the leadership position in the Gartner MQ for 11 straight years. Fortify's 750+ customers included all 10 of the world's 10 largest banks and all the major branches and agencies within the US DoD. Russell frequently contributes articles and quotes for major news outlets and regularly presents at industry conferences such as RSA and BlackHat.
