Security and Threat Information Exchange Platform Launched by Microsoft
- By Ginger Hill
- Jun 23, 2014
One of the most important factors in fighting against any cyber threat is response time – the quicker the response time the less likely a great amount of damage will result. To help make response time even quicker, reducing the amount of time it takes to respond to a threat, Microsoft launched Interflow, a security and threat information exchange platform that allows quick communication between cybersecurity professionals who respond to cyber threats, hoping to give security professionals an edge.
Growing from Microsoft’s MAPP (Microsoft Active Protections Platform), used to notify security software providers of vulnerabilities, industry specifications are used to create an automated feed of machine-readable threat information that can be shared across industries. Because it’s a distributed system, each user can customize what information or feeds are most relevant including who sees this information, what feeds to follow and what communities to join. This platform also uses open specifications with STIX, TAXII and CybOX so that software can integrate into existing systems, meaning users are not locked into proprietary data formats.
Microsoft has been testing this platform internally; however, as of this morning, other organizations with their own dedicated security incident response teams can inquire about Interflow. The ultimate goal is to make this platform available to all MAPP members.
Ginger Hill is Group Social Media Manager.