Community Guidelines for Threat Intelligence Feeds

Article by Forta Network May. 5, 2023

In the last six months, Forta’s community of developers and security researchers have collaborated on the development of some of the first Web3-focused threat intel feeds: the Scam Detector and the Attack Detector. 

The Scam Detector emits intel about scams and other threats impacting end users (i.e. phishing attacks, address poisoning). The Attack Detector emits intel about smart contract exploits. Each feed consists of a bundle of underlying bots, where each bot was developed and maintained by a Forta community member. 

Combined, the two feeds received contributions from over 20 community developers. This makes Forta’s Threat Intel Feeds the first community-based security tools in Web3! Additional feeds are under development for things like NFT Scams and Positive Contract Reputation and will be available on Forta soon. 

Leveraging the Forta community as a decentralized product team has certain advantages, namely the variety of unique detection approaches used. This often results in better threat coverage and higher overall precision and recall. Network effects will also allow us to scale coverage faster as the community grows. 

Using a decentralized product team can also present risks though, particularly around quality control and standardization. To mitigate these risks, the Forta community is adopting a framework that will apply any bot being considered for inclusion in a threat intel feed. 

Key Factors Include: 

Strategic value
Technical performance
Detection performance

If you are a developer or security professional interested in contributing to the Forta Network and Threat Intel Feeds, introduce yourself here