Microsoft believes that steps are being made in the right direction
Today at the Black Hat USA 2009 conference, Microsoft Corp. unveiled the progress of its information-sharing programs, providing insight into the positive impact the growing trend of community-based defence is having on the broader security ecosystem.
In addition, in an effort to help improve customers’ risk analysis and security update management processes, the company introduced new tools and guidance designed to help security professionals around the world better manage online threats.
In an effort to help shift advantage to the security industry, Microsoft created the Microsoft Active Protections Program (MAPP), Microsoft Exploitability Index and Microsoft Vulnerability Research (MSVR) programs, announced at Black Hat last year. The MAPP and MSVR programs increase the level of industry collaboration, and the Exploitability Index builds on this collaboration and provides additional information and guidance on managing risk to Microsoft customers.
“Our relationship with Microsoft through MAPP gives us the ability to deploy quality protections as soon as the Microsoft security bulletins are made public,” said Jason Avery, security analyst with TippingPoint Technologies Inc. “The vulnerability information we receive through MAPP allows us to keep our Intrusion Prevention System filters as current as possible, helping ensure our customers get the best protection against malicious exploits.”
The Microsoft Exploitability Index has also proven an effective and reliable resource to help customers better assess risk. Of the 140 Exploitability Index ratings Microsoft provided from October 2008 to June 2009, only one had to be modified — a 99 percent reliability rate.