Michael Roytman of AlienVault partner Risk I/O discusses the customer benefits of AlienVault Open Threat Exchange™ (OTX).
Risk I/O is a vulnerability threat management platform, and we allow our users to correlate data that comes out of all of their scanners or their SIEM systems and prioritize that data based on a bunch of threat intelligence, one of the sources of intelligence being the OSSIM
We use the data that AlienVault collects from the Open Threat Exchange in order to prioritize vulnerabilities. We track which ones are actively being breached in the wild by looking at a lot of the components that you provide such as the exploit data as well as the vulnerability data paired together, and that allows us to tell our customers what’s actively being attacked on the internet right now, correlate that to their vulnerabilities so they can make intelligence prioritization decisions.
So the data is pretty unique in that it’s very hard to get a grasp of what’s happening outside of our customers’ networks, and by using the Open Threat Exchange we’re able to tell our customers which vulnerabilities are most at-risk by looking at traffic outside the internet. It allows them to make smarter decisions. It also allows them to know which vulnerabilities to remediate in real-time.
So the integration has been incredibly popular and people think it is one of the most important attributes of a vulnerability is to know what’s happening on the internet across all of the other businesses that AlienVault monitors. They think this is one of the biggest facets that they use when choosing which vulnerabilities impact their infrastructure the most, and it’s currently our most popular and most-used feature.
“Security”, “Intelligence” and “Cost-effectiveness”