Financial

Soltra to be shut down by financial sector partners

The Depository Trust and Clearing Corp and the Financial Services Information and Sharing Analysis Center are shuttering their joint cyber-threat information sharing venture, they announced this week.

By Shaun Waterman

November 18, 2016

AlphaBay operated for three years as a marketplace on the Tor network, rising as a leader among dark web marketplaces due to its speed, reliability and availability of goods that separated the site from its competitors. (Flickr)

Soltra is no more.

The Depository Trust and Clearing Corporation and the Financial Services Information and Sharing Analysis Center are shuttering their joint cyber-threat information sharing venture, they announced this week.

“The decision to close the business was not easy,” wrote FS-ISAC President and CEO Bill Nelson and Ron Jordan, managing director of DTCC in a statement Tuesday.

Launched in 2014, Soltra pioneered the use of automated cybersecurity intelligence sharing through the Structured Threat Information Expression (STIX) and the Automated Exchange of Indicator Information (TAXII) — standardized data formats developed with the support of the Department of Homeland Security that allow real-time, machine-to-machine sharing of cyber threat data like IP addresses associated with malware.

The launch product, Soltra Edge, was a peer-to-peer automated information-sharing system designed for the financial services sector but available for free download by anyone. Once installed, users could connect to a peer-defined network of trusted partners — sharing real-time cyber threat intelligence.

Soltra Edge is currently used by more than 2,800 organizations and governments in 75 countries around the world, the company says.

In 2015, the company launched Soltra Network, an attempt to expand beyond the financial sector and replace the peer-to-peer architecture with a centralized data repository — much easier to monetize.

“As envisioned, the new Soltra Network will connect Soltra Edge servers and route data between users in a hub-and-spoke model within a highly scalable, highly secure network,” the company said at the time.

But Soltra floundered in it its attempt to commercialize, according to people familiar with the effort.

Nelson and Jordan said both their organizations — FS-ISAC is a non-profit and DTCC is a user-owned market utility — “must regularly review our product offerings to ensure we … [are] carefully managing our expense base.”

On behalf of Soltra, a DTCC public relations person declined a CyberScoop interview request about the reasons for the sudden move.

In the statement, the two executives said that they were immediately ending updates for Soltra Edge — although anyone using it could continue to do so. Those contracted for support through Soltra Network would get service until the end of March next year.

“After March 31, the Membership model will be sunset … and we will be exploring options to make Soltra Edge open source.”

Laurent Liscia, the CEO of Oasis, the non-profit that now curates the STIX and TAXII, said in a statement that Soltra helped the data standards “become a mature component of global cyber defense infrastructure,” and a “catalyst fueling the rapid growth of cyber threat intelligence.”

Soltra may have been the first, but by the time it shuttered this week, it was one of more than 50 commercial and open-source products that used STIX and TAXII, he said.