Microsoft has launched a new security and threat information exchange platform called Interflow that should enable quicker communication between online security providers.
The software giant said in a press release this week, “Interflow uses industry specifications to create an automated, machine-readable feed of threat and security information that can be shared across industries and groups in near real-time.”
Interflow is designed as an extension of the company’s 2008 Microsoft Active Protections Program (MAPP), which informs security providers of software vulnerabilities. The new platform emphasises the importance of collaboration when tackling cyber threats, as seen with the Retail Cyber Intelligence Sharing Centre, which enables retailers to share cyber threat information amongst themselves and analysts.
The new program is also fully customisable, with users able to choose who they share information with and what communities they join. It uses open specifications with Structured Threat Information eXpression (STIX), Trusted Automated eXchange of Indicator Information (TAXII), and Cyber Observable eXpression (CybOX), which allows the software to integrate into existing systems and users aren’t locked into proprietary data formats.
So far, Microsoft has only been testing the platform internally, but the company has now said that is available for outside use in a private beta version for businesses with a dedicated security incident response team. The firm has also announced that it plans to offer Interflow to all of its existing MAPP users in the near future.
