Bekker's Blog

Blog archive

More Equal than Others

Microsoft used the Black Hat USA conference in Las Vegas this week to announce one of its periodic rebalancings of its security patch program. This time, the company announced a program to give trusted security software vendors advance information about vulnerabilities and the creation of an exploitability index to help IT assess the importance of a given vulnerability.

The partner program is called the Microsoft Active Protections Program (MAPP). It's supposed to allow security software providers to protect their customers more quickly.

"In the race between exploit and protection, Microsoft is committed to shifting the advantage to the security industry. The Microsoft Active Protection Program gives security software providers the information and resources they need to help better protect customers," Andrew Cushman, director of security response and outreach, said in a statement.

Amen. One of the big issues with security patches is that they serve as a starting gun for both security vendors and IT departments to patch their systems and for criminals who try to develop exploits on the acknowledged vulnerabilities. The more lead time the good guys have to help their customers, the better. This actually seems like something that Microsoft has probably already been doing with some select vendors, and this MAPP announcement is an invitation for more security vendors to get involved.

Posted by Scott Bekker on August 06, 2008


Featured

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.

  • Microsoft Brings Copilot AI Into Viva Engage

    Microsoft 365 Copilot in Viva Engage is now generally available, extending Copilot's AI-powered assistant capabilities deeper into the Viva platform.