The Healthcare Blocks platform is now fully integrated with Amazon GuardDuty and AlienVault's Open Threat Exchange. GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior. Open Threat Exchange is the world's largest crowd-sourced computer-security platform with more than 26,000 participants in 140 countries that share more than one million potential threats daily.
Our integration with these services' data feeds provides automated remediation of known and emerging network-based threats. Malicious IP addresses attempting brute force attacks or vulnerability reconnaissance are blocked at the TCP/IP level. This functionality complements our existing intrusion detection system which actively blocks common Web attacks such as code injections and cross-site scripting.
Identified threats are shared and remediated across all customer environments - we call this "Collective Threat Response." Since an adversary will often scan entire ranges of IP addresses associated with AWS, prior to rolling out this feature, our network logs would reveal an attack popping up in multiple places. With CTR, we can prevent the attack from being reproduced in other customer environments, as well as slow down distributed attacks that use multiple IP addresses.