Using Crowdsourcing to Improve Security

Sue Marquette Poremba

Crowdsourcing is one of those popular buzz words in the technology industry, but not one I often hear associated with security. According to a new Imperva study, however, maybe we should start thinking about crowdsourcing as a way to improve enterprise security.

Slide Show

Six Emerging Threats All Security Professionals Should Prepare For

At the end of April, Imperva released its study, Get What You Give: The Value of Shared Threat Intelligence. The study analyzed real-world attack traffic against 60 web applications between January and March 2013 to identify common attack patterns and found that the attack sources made up a disproportionate amount of the overall traffic against enterprise organizations in the report, and can be identified only by analyzing crowd-sourced attack data from a broader community.

Crowdsourcing increases community protection against large-scale attacks, and this is one of the biggest takeaway points of the study. According to the report:


Multiple attacking sources and payloads gradually cover more and more targets, thus affecting larger parts of the community. Identifying a “noisy” attack source - an attacker, payload or tool that repeatedly attacks – is important.  Security cooperation between organizations that suffer from Web attacks can create a “network effect” in which all members of the cooperating community can benefit by exchanging security and threat information.

Security cooperation is one of the components of CISPA, which the Senate just shot down for yet another retooling. Whether or not the government steps in with regulation, crowdsourcing may be the way to go for companies that want to improve their security efforts. The reason is simple – if there is cooperation at the earliest stages of an attack, one company may be able to help others prevent similar attacks in the future. As Amichai Shulman, CTO, Imperva, said in a release:

This report highlights the need for early identification of these types of attack sources and payloads across a community of web applications, so that organizations can leverage shared intelligence to better protect themselves and reduce risk.

And isn’t anything we can do to help each other in risk prevention and improved security a good thing?



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Close
Thanks for your registration, follow us on our social networks to keep up-to-date