"kind of cloudy aggregation Carbon Black already practices"
To be fair, whilst I love Carbon Black's products, I think Carbon Black are tooting a dusty horn. Other vendors have been doing this for several years.
The security industry’s supply chain is currently inferior to that of its attackers, says Carbon Black CEO Patrick Morley, but he thinks the industry is finding ways to fight back. In conversation with The Register yesterday, Morley advanced a theory that exploit brokers, malware authors and other bad actors work together. …
Security software writers benefit from being unique, from being the ONLY guy who can discover that nasty. Therefore, malware discovery to them is an asset.
On the other hand, malware writers collaborate because of mutual interest. You have something I need, I have something you need, we're friends!
That's the whole issue. Try to work around that ... any solution (including "collective intelligence"/sharing mentioned in the article) _won't_ work because it's solely based upon ethics and goodwill. Unfortunately, these two don't put dinner on the table, even though they might give a temporary PR boost (on launch day, day one, and day two - then forgotten afterwards).
I want to sell you "Protection A" and someone else wants to sell you "Protection B". I've just found a vulnerability and added protection. When people with "Protection B" get stung by this, I'm happy to report they are now customers of "Protection A". That's how you get customers and money, and sadly it won't change. All we can hope is that the people not aligned with these companies carry on reporting vulnerabilities and are not hindered by stupid legislation that the people creating the vulnerabilities will ignore anyway.