Trusted Threat Sharing and Privacy Preserving using LLMs
Organisations are facing an increasing number of cyber threats, and it is evident that relying solely on security tools and technologies may fail to detect malware, indicators of compromise, and emerging threats. As a result, organisations must remain vigilant in the face of ever-evolving cybercrime threats. Threat intelligence sharing is considered one of the proactive defensive approaches for improving system detectability and incident response times and for enhancing the security posture of trusted partners. However, threat sharing stakeholders have faced several challenges, the most prominent being a lack of trust and privacy concerns.

In this context, we provide a solution that aims to address the issues of sharing sensitive data among multiple users through a secure and trusted infrastructure, employing a unified threat language. Our solution integrates cutting-edge AI technologies, such as LLMs (privateGPT), automating threat sharing and protecting data privacy, thereby enabling organisations to enhance their security posture, speed up attack detection, and reduce response times. The proposed work entails implementing trusted sharing through Hyperledger Fabric, a digital signature (Wallet), and STIX 2.1 (CACAO security playbooks).

Threat information shared in cybersecurity often contains sensitive data, which might be covered by privacy regulations, be time-sensitive, be restricted to certain people, or need parts of it redacted. For this, we use smart contracts and CP-ABE (ciphertext-policy attribute-based encryption) for fine-grained control over sensitive data. This invention provides a cryptographic method of interlocking each element of the information passed between a source of threat information and its consumer, and enables key information-passing attributes such as time-bombing, time revealing, location-locking, and message redaction.

Through this approach, organisations can establish a collaborative and secure platform to share threat intelligence, enhance their situational awareness, and proactively address emerging cyber threats.

  • Start Date: 1 April 2024
  • End Date: 31 May 2024
  • Activity Type: Externally Funded Research
  • Funder: Innovate UK
  • Value: £12620

Project Team