In the 1930s, the United States created the Social Security Administration to help fund a pension system for senior citizens with the aid of IBM’s punched card equipment and accounting and payroll data expertise. No one could have anticipated that the Social Security number created for each U.S. citizen would one day become a prime target for cybercriminals.

Some 80 years later in 2015, IBM Security brought about a new wave of social security, enabling collaborative defense to boost threat intelligence sharing with IBM X-Force Exchange. Recently, X-Force Exchange has introduced a number of capabilities that will further enhance users’ ability to be social and still gain better security.

Open Standards

The open standards STIX and TAXII are now implemented for observables and collections in X-Force Exchange. Public collections are now even more public and can be accessed without connecting to everybody on the Internet. There are a wealth of public collections on malware and other attack vectors created by our IBM X-Force researchers, indicated by a blue bar on the contributor avatar.

These and other public collections can be easily imported to a security intelligence platform to reduce the time to action by creating a rule to produce an alert when indicators present in the collection are found in the infrastructure being monitored. Conveniently, such new rule sets are now available from the IBM Security App Exchange, which is hosted on X-Force Exchange.

Download the white paper: Combat security attacks with global threat intelligence

Circles of Trust

The key to any collaboration is the element of trust. Without the ability to trust other participants in any collaborative defense arrangement, users will doubt the reliability of the information being provided.

As mentioned above, IBM X-Force researchers are now marked in the X-Force Exchange to call attention to trusted contributions. Analysis of current threats, malware and attack vectors are now available as information is updated by our researchers, who span not only the globe, but also a wide range of skills and experience.

To form your own circle of trust, you can create a private group to share sensitive information with only those other users you choose. These users could be within your own company, an industry consortium or even a selection of colleagues spanning your entire career. Within a group, you can share a private collection to collaborate on the investigations and the associated threat indicators relevant to your network or industry.


As an investigation grows, the information in the collection that supports that investigation will naturally expand as more threat indicators are discovered and additional analysis of the threat is completed. With threat information being so dynamic, it is important for security analysts and other consumers to be updated as new information is discovered.

To that end, X-Force Exchange can now notify you as a collection is edited, whether it’s specific observables added to the collection, a new file attached, a new collection linked or changes made to the text description. With each of these, a notification email as well as a visual indication in the notification center alerts users, encouraging them to examine the collection to obtain the most up-to-date information.

A New Era of Collaborative Defense

Just as the original Social Security program will continue to evolve, so must the social and collaborative aspects of the modern security community. To take your part in the collaborative defense of the future, visit X-Force Exchange today.

Sign up for a free trial of the IBM X-Force Exchange

More from Threat Intelligence

An IBM Hacker Breaks Down High-Profile Attacks

On September 19, 2022, an 18-year-old cyberattacker known as "teapotuberhacker" (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website Gamers got an unsanctioned sneak peek of game footage, characters, plot points and other critical details. It was a game developer's worst nightmare. In addition, the malicious actor claimed responsibility for a…

Self-Checkout This Discord C2

This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by an attacker to introduce a command and control (C2) channel built upon Discord channel messages. Discord is a chat, voice, and video service enabling users to join and create communities associated with their interests. While Discord and its related software…

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends and data, and the intricacies of their organization’s incident response plan. What does all this fear and uncertainty stem from? It’s the unknowns. Who might…

Old Habits Die Hard: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments

While cloud computing and its many forms (private, public, hybrid cloud or multi-cloud environments) have become ubiquitous with innovation and growth over the past decade, cybercriminals have closely watched the migration and introduced innovations of their own to exploit the platforms. Most of these exploits are based on poor configurations and human error. New IBM Security X-Force data reveals that many cloud-adopting businesses are falling behind on basic security best practices, introducing more risk to their organizations. Shedding light on…