While Palo Alto Networks have subtly changed the word to MineMeld it’s a similar process – collaborate and be of one mind to get the bad guys.
It has announced an ambitious programme to help prevent successful data breaches and maintain trust in the digital way of life.
In essence, it is to help organisations share threat intelligence among peers, through information sharing organisations, or with government-based programmes, to leverage community-based visibility into malicious activity on the Internet.
It says the vision is clear: the more data you ingest, the more you can improve your risk posture. But a data pile alone isn’t actionable. To achieve the desired outcome of preventing cyber attacks, organisations must be able to act on collected indicators of compromise (IOCs), automatically transforming them into prevention-based controls for enforcement on security devices.
Traditional approaches have challenged security teams with complex workflows, across multiple tools, to aggregate a growing number of threat intelligence sources and drive enforcement down to local devices. As part of its commitment to the security community, and its mission of driving a new era of threat intelligence sharing, Palo Alto Networks has announced the public availability of MineMeld to the entire security community. It is an open source tool that simplifies the aggregation, enforcement, and sharing of threat intelligence.
Through MineMeld, organisations can integrate public, private, and commercial intelligence feeds, including results from other intelligence platforms, into a unified framework that natively feeds new prevention-based controls to Palo Alto Networks and other security devices. As an open-source tool, MineMeld was built to be extensible, allowing organisations to tailor the input, processing, and output of information for their environments. The source code is available on GitHub, and the tool is also available as pre-built virtual machines (VMs) for easy deployment.
As part of the MineMeld release, it has partnered with some leading organisations to build a threat intelligence sharing ecosystem, with native support built into MineMeld from the very beginning, including Anomali, The Media Trust, Proofpoint, Recorded Future, Soltra, SpamHaus, as well as its AutoFocus service.
MineMeld also supports a wide variety of open source intelligence providers. It encourages others in the security community to take up the banner and join the ecosystem by contributing a new Miner to the tool.
It states, “Together, we can simplify the sharing of threat intelligence for organisations across the globe, creating a stronger community that drives adoption of intelligence as a core element of a prevention-based strategy. Help us make successful cyber-attacks more costly, and less effective than ever before.”