New Security Programs from Microsoft

Black Hat USA 2008 was the stage where Microsoft revealed that it was kicking its security game up a notch. The software giant’s commitment to protecting its customers has spawned a pair of new initiatives designed to enable a new level of security-information sharing. In this regard, the Microsoft Active Protections Program (MAPP) along with the new vulnerability Exploitability Index, are the programs offered to both end users and partners for added security.

“The introduction of these new programs helps address evolving online threats and provides more practical guidance to assess and manage risk,” said Andrew Cushman, director of security response and outreach at Microsoft. With the Microsoft Active Protections Program, the software giant effectively extends the bridge that separates it from the partner companies on the security market.

The Redmond company will share in advance data about the vulnerabilities it will be patching with the monthly security bulletin releases with providers of security products. The move is designed to help boost end user protection against exploits and attacks released on the heels of the company’s monthly patches targeting the vulnerabilities plugged by Microsoft before the security updates.

“In the race between exploit and protection, Microsoft is committed to shifting the advantage to the security industry. The Microsoft Active Protections Program gives security software providers the information and resources they need to help better protect customers,” Cushman added.

Additionally, Microsoft also announced the introduction of a new Exploitability Index. This resource will be bundled with the Redmond company’s monthly security bulletins and will indicate to customers which of the vulnerabilities are targeted by functional exploits, and therefore posing a greater risk.

“As security threats become more sophisticated, the global security community must combine its resources and work together to provide maximum security protections to worldwide Internet users. No one organization can counter online attacks alone. Therefore, we must use the combined strength of the industry, partners, customers and public organizations to build a more secure environment for everyone,” revealed George Stathakopoulos, general manager of security engineering and communications at Microsoft.