Cyberspace Intelligence Specialists and Amateur Enthusiasts Can Now Submit Threat Reports Confidentially
The cybersecurity landscape is constantly evolving, and the need for effective threat intelligence sharing has never been more crucial. In this context, a group of European-based cybersecurity practitioners are launching a new platform called Draugnet, an anonymous threat reporting system designed to democratize cyber threat intelligence reporting.
Draugnet, which can be seen as a Lego block in the cyber defenders' toolbox, allows anyone to report a piece of threat intelligence without the need for registration or logging in. This accessibility is a key feature of Draugnet, as it aims to be not only for professional cybersecurity practitioners but also for individuals outside of the security ecosystem.
The platform is built on Malware Information Sharing Platform (MISP), an open-source cyber threat intelligence (CTI) sharing platform. This foundation ensures that Draugnet is robust and adaptable to the ever-changing threat landscape.
Draugnet can be used in a trusted environment, such as an information sharing and analysis center (ISAC) or another trust group. It is also designed to be hosted on a confidential compute environment, providing an additional layer of security. In a constrained access environment, Draugnet can help mitigate potential issues of anonymity and false reporting.
Contributing to cyber threat intelligence through Draugnet can be done in a simple and paperwork-less manner. Users can submit a vulnerability report through a simple web form and receive a follow-up token for future interactions or sharing. Submitted threat intelligence is presented in a simple machine-readable JSON format, making it easy for other cybersecurity professionals to understand and act upon.
Access to a Draugnet-enabled reporting platform can be given to a select group of individuals, such as a 'friends and family' list of cybersecurity researchers. The back and front end of Draugnet are decoupled, making it difficult for anyone who has access to the back end to trace the reporting individual.
Draugnet-enabled reporting platform can also be hosted using Intel Software Guard Extensions (SGX) to ensure confidentiality for in-memory data. This ensures that the data remains secure, even if the system is compromised.
While Draugnet offers a significant step forward in threat intelligence sharing, it is important to note that there is currently no way of guaranteeing against false or malicious reporting within the platform. Warranting complete anonymity online is a challenge for Draugnet, and it is up to the community to exercise responsible reporting.
The group of European cybersecurity professionals behind Draugnet will officially present and demonstrate the platform on October 19, 2023. Trey Darley and Alexandre Dulaunoy will launch and demonstrate Draugnet during FIRSTCON in Copenhagen on June 24.
Draugnet's mission is to provide a platform for quiet defenders, rotating trust groups, and anyone caught between responsible stewardship and unmanageable risk. By democratizing threat intelligence reporting, Draugnet is set to play a crucial role in the fight against cyber threats.
Read also:
- Web3 social arcade extends Pixelverse's tap-to-earn feature beyond Telegram to Base and Farcaster platforms.
- Navigating the Path to Tech Product Success: Expert Insights from Delasport, a Trailblazer in the Tech Industry
- Online Cyber Assaults May Deter Web Usage Among Younger Generations
- Navigating English for Common Tech and Devices Daily Use
