The AlienVault Open Threat Exchange (OTX) is the world’s most authoritative open threat information sharing and analysis network. OTX provides access to a global community of threat researchers and security professionals, with more than 100,000 participants in 140 countries, who contribute over 19 million threat indicators daily. OTX allows anyone in the security community to actively discuss, research, validate, and share the latest threat data, trends, and techniques.
Note: AlienVault also provides a free global threat dashboard powered by OTX, available at https://cybersecurity.att.com/open-threat-exchange/dashboard#/threats/top, which showcases some of the threat data sourced from the OTX community. Here, you can view a live feed of malicious activity recorded by OTX from around the world and see the top active threats.
The OTX community reports on and receives threat data in the form of pulses. An OTX pulse consists of one or more indicators of compromise (IOCs) that constitute a threat or define a sequence of actions that could be used to carry out attacks on network devices and computers. OTX pulses also provide information on the reliability of threat information, who reported a threat, and other details of threat investigations.
All OTX members receive pulse information through their OTX Activity feed and receive updates about pulses through email. This information appears as soon as you open an OTX account. OTX data can be used to enhance the threat detection capabilities not only of security monitoring systems such as AlienVault USM Appliance™ and the open source AlienVault OSSIM® platform, but also of other third-party security monitoring and management systems.
Topics covered in this guide include the following: