Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Expands MAPP, Shares Attack Data With Incident Responders

Posted by Unknown on from the negative-three-day-vulnerability dept.

Trailrunner7 writes "Microsoft is expanding its MAPP program that shares attack and protection information with other security vendors and will now be sharing some data with incident responders, as well. The new system will enable organizations such as CERTs and internal IR teams to exchange information on specific attacks and general threats. Now, Microsoft is expanding and changing the MAPP program so that more people will have access to some of the data and the information will be available earlier. Until now, MAPP members get access to patch data 24 hours before the release. Microsoft will be giving that information to MAPP companies three business days before Patch Tuesday going forward. The new MAPP for Responders program is an extension of the existing system and is designed to allow incident response teams to share information among themselves and to benefit from the threat intelligence that Microsoft has, as well."

18 comments

  1. Shill Story by Anonymous Coward · · Score: -1, Offtopic

    Don't they already share it with the NSA?

    No matter how many shill stories hit the headlines about something "good" these big corporations are doing now, it won't make us forget the fact that they're perpetuating pervasive monitoring of their customers.

    Microsoft et al won't ever get their rep back. They'll all, always, be the companies that installed backdoors and aiding spying on their customers in _foreign_ countries. Good riddance.

    1. Re:Shill Story by Anonymous Coward · · Score: 5, Insightful

      ..shill..

      Sigh.. The Godwin's law of Slashdot now moving up to first post. The mark of a closed zealot mind is calling everything you don't like the work of shills.

      This summary is not praising anyone, it is a factual story about MS changing their MAPP program. As someone working in security I find it interesting. We don't like facts now?

      If you have a relevant argument about NSA in this context it would be much helped by non ad hominem arguments.

    2. Re:Shill Story by Anonymous Coward · · Score: -1

      I guess you work for Microsoft/NSA/Samething.

  2. MAPP isn't nearly enough... by Freshly+Exhumed · · Score: -1, Troll

    Microsoft Security wants to make sure that anyone discussing such an issue as this is firmly, completely part of the hive-mind: https://www.microsoft.com/security/msrc/collaboration/mapp/criteria.aspx

    Microsoft whistles past the graveyard once again.

    --
    I deny that I have not avoided attaining the opposite of that which I do not want.
    1. Re:MAPP isn't nearly enough... by mwvdlee · · Score: 1

      Given the nature of the information and intended purpose, I don't see much wrong here.

      The only thing slightly unreasonable to me is the "Are you willing to have your company name and URL displayed on our MAPP website?" question, but only because it has nothing to do with security and it probably the result of having to please the marketing department. In itself the question is harmless and most companies would probably prefer to have their name associated with MAPP.

      Which questions do you think should be changed, removed or added and why?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    2. Re:MAPP isn't nearly enough... by benjymouse · · Score: 3, Interesting

      The only thing slightly unreasonable to me is the "Are you willing to have your company name and URL displayed on our MAPP website?" question, but only because it has nothing to do with security and it probably the result of having to please the marketing department.

      In the interest of public disclosure of *who* has access to advance information about vulnerabilities before they are patched, I actually find it highly relevant. I can see good coming from giving truly security minded companies a head start. But I would like to know *who* gets this head start.

      A few years back a rogue Chinese security company (or just a rogue employee?) leaked proof-of-concept exploit code to Chinese hacker websites. The security company had received the PoC code from Microsoft as part of the MAPP program. The intention was that security companies (AV vendors) could use the PoC code to create heuristics/signatures to scan for exploit attempts.

      Of course the spin on slashdot was that Microsoft had "leaked" exploit information. Go figure.

      It is also in this light we have to view the "Microsoft shares vulnerability information with the fr***** NSA!!! OMG! Conspiracy!!!" debacle.

      Problems with NSA overreaching notwithstanding, I for one believe that NSA should receive vulnerability information at about the same time as it is made public to the other MAPP partners. This news is just that similar agencies of other countries now will receive the information at the same time as NSA and other MAPP partners.

      Which is 1-3 days in advance.

      --
      Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
  3. show us your code - show us your code by Anonymous Coward · · Score: -1

    you want to show the world you care, MS? Windows 9 or whatever dick name you call it should be open source.

    put up or stfu

  4. New $$$ by Anonymous Coward · · Score: 0

    New way to make more bucks - by faster access to patch

  5. Fuck These Daily Microsoft Parroted News Stories by Anonymous Coward · · Score: -1

    fuck them all!

    gtfo shills and go polish knobs on some other site, try kuro5hin, i hear they like a bunch of circle jerk articles

  6. Re:Fuck These Daily Microsoft Parroted News Storie by Anonymous Coward · · Score: 0

    Love the "use Linux or GTFO" mentality...

  7. microsoft, do the nsa give good binary head? by Anonymous Coward · · Score: -1

    tell us which chair leg you like up your ass greased and ready

  8. Re:Fuck These Daily Microsoft Parroted News Storie by Anonymous Coward · · Score: 4, Insightful

    Waah waah, my open source religion does not allow me to read Microsoft news.

  9. desperation.. by Anonymous Coward · · Score: 0

    Looks like I'm going to assist to the huge catastrophic collapse of Microsoft within my timespan afterall. This is great, I already have my popcorn ready!

  10. Microsoft Sandpit of Hell :) by dgharmon · · Score: 1

    "Microsoft is also putting Azure cloud to work via the MAPP Scanner program, which uses Redmond's servers to scan Office documents, PDF files, flash movies, and URLS for potential malicious content .. The scanner works by spinning up VMs for every supported version of Windows, and opens the content in all supported versions of the appropriate application, then looks for signs of a threat."

    Reminds me of that Japanese horror movie where this feller is trapped in a sand pit and has to continually shovel sand into a basket that some unknown entity draws up to the surface with a rope, only the sand is continually falling back into the pit. If he don't keep shoveling then he drowns in sand ..

    --
    AccountKiller
  11. MAPP program and security? by dgharmon · · Score: 0

    "This summary is not praising anyone, it is a factual story about MS changing their MAPP program. As someone working in security I find it interesting. We don't like facts now?"

    I don't like this fact, in order to protect *MY* documents from hackers, I must upload them to a VM in the Azure cloud ...

    --
    AccountKiller
  12. Blackhat goldmine by GameboyRMH · · Score: 1

    1. Set up multiple front companies and get them in the MAPP program
    2. Use byzantine fault tolerance to thwart canary traps
    3. Become a top "cyber-weapons" dealer
    4. PROFIT!

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  13. Re:Fuck These Daily Microsoft Parroted News Storie by Anonymous Coward · · Score: 0

    Why do you assume he's an OSS guy and not, say, a Mac guy?

  14. Re:Fuck These Daily Microsoft Parroted News Storie by Anonymous Coward · · Score: 0

    Apple's fanboys usually have at least a 3rd grade understanding of grammar.