It’s now easier than ever to make threat intelligence from IBM X-Force Exchange actionable. Since its inception in 2015, X-Force Exchange has provided both granular indicators of compromise and higher-order intelligence through public collections to help shorten security investigations.

A recent update to the X-Force Exchange collaborative platform now offers recommended apps from the companion IBM Security App Exchange, based on the content of public collections, to help users implement threat intelligence into their end-to-end security portfolio.

Implementing Threat Intelligence

The Petya ransomware campaign in Europe earlier this year worked quickly. With the attack intending to destroy data rather than hold it hostage, every minute mattered. By using the recommendation engine on X-Force Exchange, users researching the “Petya Ransomware Campaign” public collection on IBM X-Force can now view related apps from App Exchange that can help put threat intelligence on Petya into action.

Users of the IBM X-Force Exchange will now see suggested apps from the App Exchange relevant to the content they are viewing.

In this case, the Threat Intelligence app for QRadar will add real-time threat intelligence from X-Force Exchange into the IBM QRadar SIEM — including any related reports on IP addresses and known malware hashes. In addition, the RFISI app provides additional rules in QRadar that implement the Threat Intelligence integration strategy and the NotPetya Content Pack adds additional detection based on Snort signatures and collaboratively developed threat intelligence to offer higher-fidelity detection of the NotPetya variant.

Full Circle Recommendations

Existing app users on App Exchange visiting the page for a particular app will now find related apps at the bottom of the page from both IBM and our network of security partners. If you visit any of the apps related to the Petya Ransomware Campaign Collection, you’ll discover recommended apps for additional threat intelligence sources, including those from partners such as Jeskell CyberSentinel, FireEye, PhishMe, ThreatConnect and more.

Learn More About IBM X-Force Exchange

More from Threat Intelligence

Expert Insights on the X-Force Threat Intelligence Index

5 min read - Top insights are in from this year’s IBM Security X-Force Threat Intelligence Index, but what do they mean? Three IBM Security X-Force experts share their thoughts on the implications of the most pressing cybersecurity threats, and offer guidance for what organizations can do to better protect themselves. Moving Left of Boom: Early Backdoor Detection Andy Piazza, Global Head of Threat Intelligence at IBM Security X-Force, sat down with Security Intelligence to chat with us about the rise in the deployment…

5 min read

Ex-Conti and FIN7 Actors Collaborate with New Backdoor

15 min read -   April 27, 2023 Update This article is being republished with modifications from the original that was published on April 14, 2023, to change the name of the family of malware from Domino to Minodo. This is being done to avoid any possible confusion with the HCL Domino brand. The family of malware that is described in this article is unrelated to, does not impact, nor uses HCL Domino or any of its components in any way. The malware is…

15 min read

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

4 min read - Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

4 min read

An IBM Hacker Breaks Down High-Profile Attacks

5 min read - On September 19, 2022, an 18-year-old cyberattacker known as "teapotuberhacker" (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website Gamers got an unsanctioned sneak peek of game footage, characters, plot points and other critical details. It was a game developer's worst nightmare. In addition, the malicious actor claimed responsibility for a…

5 min read