LookingGlass Cyber Solutions has announced OpenTPX, a contribution to the open-source community to enable threat intelligence providers and security operations to integrate full context across their security portfolios.
OpenTPX focuses on providing a complete picture of security and threat intelligence via mechanisms to convey network topology information, network ownership, network segmentation, threat metadata, threat intelligence and mitigation actions, via one interface. OpenTPX was created to build highly scalable machine-readable threat intelligence, analysis and network security products that exchange data at large volumes and at high speed. By taking advantage of data model inheritance and meta-data constructs, the OpenTPX schema permits threat dictionary and meta-data to be conveyed only once between communicating systems. This allows OpenTPX to transmit hundreds of millions of network security observations based on that meta-data in a highly optimized mechanism, without requiring retransmission of the meta-data. This avoids complex or unwieldy language mappings that often confuse or block efforts to develop interoperable network security and threat intelligence systems.
A core OpenTPX component provides a threat-scoring framework that allows security analysts, threat researchers, network security operations and incident responders to make relevant threat mitigation decisions.
“Enterprises require threat defenses that not only interoperate with each other but also provide more value than the individual solutions deliver on their own. The volume and complexity of threats today demands better solutions to address them,” said Allan Thomson, CTO of LookingGlass. “OpenTPX technology allows our customers to maximize their tools and operational data to dramatically improve threat visibility, network security and operational efficiencies.”
The open-source OpenTPX integration has been published, along with accompanying documentation.