Bekker's Blog

Blog archive

More Equal than Others

Microsoft used the Black Hat USA conference in Las Vegas this week to announce one of its periodic rebalancings of its security patch program. This time, the company announced a program to give trusted security software vendors advance information about vulnerabilities and the creation of an exploitability index to help IT assess the importance of a given vulnerability.

The partner program is called the Microsoft Active Protections Program (MAPP). It's supposed to allow security software providers to protect their customers more quickly.

"In the race between exploit and protection, Microsoft is committed to shifting the advantage to the security industry. The Microsoft Active Protection Program gives security software providers the information and resources they need to help better protect customers," Andrew Cushman, director of security response and outreach, said in a statement.

Amen. One of the big issues with security patches is that they serve as a starting gun for both security vendors and IT departments to patch their systems and for criminals who try to develop exploits on the acknowledged vulnerabilities. The more lead time the good guys have to help their customers, the better. This actually seems like something that Microsoft has probably already been doing with some select vendors, and this MAPP announcement is an invitation for more security vendors to get involved.

Posted by Scott Bekker on August 06, 2008 at 11:58 AM


Featured

  • Microsoft Planning Additional Job Cuts in May

    Microsoft's ongoing layoffs are hitting its home turf, with new notices affecting 1,248 people in the Redmond, Bellevue and Issaquah, Wash. areas in May.

  • Microsoft's Loop App Now Available in Preview

    Microsoft's latest collaboration application, Loop, is now available as a public preview.

  • 2023 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft To Add ISV Designations to MCPP

    Microsoft's top partner executives detailed several changes it plans to make to the 6-month-old Microsoft Cloud Partner Program (MCPP).