IBM X-Force Exchange

The IBM X-Force Exchange is a database of current security information. It compiles found vulnerabilities, known exploits, and malicious IPs. I signed up for the service for free and the interface is very sleek and clear-looking. The main screen is just IP after IP popping up as dangerous. There is a counter of malicious IPs logged in the last hour, and there are over 1,000. Of course 99.9% of them are in the spam category, but it looks like every once in a while one is flagged with scanning, malware, or command & control. There are also interest feeds like found vulnerabilities, security-related blog posts, and recent big topics like China scanning IPs, PoSeidon POS malware, and IRC botnets. There are options to add things to “Collections”, which let you save reports on IPs to look at later.

IBM claims that their service is “One of the largest and most complete catalogs of vulnerabilities in the world” and that they log 25 billion security events per day. Users have access to over 700 terabytes of raw data, the rate of which will continue to grow the more users there are. The platform is designed to foster communication between security teams at different companies so that everyone can be better protected from cybercrime.

This platform is a big deal in the security community and will help centralize the knowledge gained by professionals. It will thwart a lot of less sophisticated cybercriminals, but the problem is that it doesn’t help against targeted attacks. It is more of a band-aid than a set of armor that keeps companies from falling for the same attack twice.

Ryan Frank