Microsoft, today, announced the private preview of Microsoft Interflow, a security and threat information exchange platform for professionals working in cybersecurity. It uses industry specifications to create an automated, machine-readable feed of security and threat information. This information can be used by the security professionals giving them the ability to respond to threads in a timely manner.
By using Microsoft Interflow, analysts and researchers can also share this feed across industries and groups in real-time, hence cutting down the amount of time it usually takes to respond to potential threats.
“What the cybersecurity community will benefit from is a more productive way to collaborate and take action. It is encouraging to see Microsoft invest in such a platform, and drive it forward for the greater good of the community,” said Zheng Bu, VP of Security Research at FireEye, a company which aims to provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing.
Inteflow also supports open specificationsSTIX (Structured Threat Information eXpression), TAXII (Trusted Automated eXchange of Indicator Information), and CybOX (Cyber Observable eXpression standards). It lets Interflow integrate with existing operational and analytical tools, avoiding proprietary data formats, appliances or subscriptions, all of which raise the cost of cybersecurity.
The company is testing Interflow internally, but organizations with their own dedicated security team can also now enquire about the private preview. To do that, they can contact the Technical Account Managers or by emailing [email protected]. Microsoft is also planning on making Interflow available to all members of MAPP (The Microsoft Active Protections Program (MAPP), which was established in 2008 to provide security software providers with early access to software vulnerability information.Further reading: Microsoft, Security