What is the Cyber Threat Alliance?
The Cyber Threat Alliance is a group of cyber security practitioners from organizations that have chosen to work together in good faith to share threat information for the purpose of improving defenses against advanced cyber adversaries across member organizations and their customers.
What is the goal of the Alliance?
The goal of the group is to disperse threat intelligence across all member organizations in order to raise the overall situational awareness of group members and to allow member-vendors to better protect their customers.
What makes this Alliance unique?
While past industry efforts have often been limited to the exchange of malware samples, this new Alliance will provide more actionable threat intelligence from contributing members, including information on zero day vulnerabilities, botnet command and control (C&C) server information, mobile threats, and indicators of compromise (IoCs) related to advanced persistent threats (APTs), as well as the commonly-shared malware samples. By raising the industry's collective actionable intelligence, Alliance participants will be able to deliver greater security for individual customers and organizations.
"A New Way to Share Threat Intelligence" to learn more. Download the paper
Is customer data at risk?
No. The Alliance Bylaws stipulate that members will not share any data that can be directly attributable to customers.
Who is in the Alliance?
What are the minimum requirements to join the Alliance?
Each member must share at least 1,000 samples of new Portable Executable (PE) malware per day that are not observed on VirusTotal over the preceding forty-eight (48) hours at the time of sharing, and meet at least one (1) of the following three (3) criteria:
How can my organization join?
We welcome new members to the Alliance. Please use the form to initiate contact.