Microsoft, Industry Make Progress Defending Against Online Threats
July 27 2009 - 9:00AM
PR Newswire (US)
Information-sharing programs make impact; new tools and guidance
help manage online risk. LAS VEGAS, July 27 /PRNewswire-FirstCall/
-- Today at the Black Hat USA 2009 conference, Microsoft Corp.
unveiled the progress of its information-sharing programs,
providing insight into the positive impact the growing trend of
community-based defense is having on the broader security
ecosystem. In addition, in an effort to help improve customers'
risk analysis and security update management processes, the company
introduced new tools and guidance designed to help security
professionals around the world better manage online threats. (Logo:
http://www.newscom.com/cgi-bin/prnh/20000822/MSFTLOGO ) In an
effort to help shift advantage to the security industry, Microsoft
created the Microsoft Active Protections Program (MAPP), Microsoft
Exploitability Index and Microsoft Vulnerability Research (MSVR)
programs, announced at Black Hat last year. The MAPP and MSVR
programs increase the level of industry collaboration, and the
Exploitability Index builds on this collaboration and provides
additional information and guidance on managing risk to Microsoft
customers. In a new report, "Building a Safer, More Trusted
Internet through Information Sharing," Microsoft outlines how
through these programs, customers and partners are better able to
evaluate risk and have more access to countermeasures to help
combat cyber threats. The programs have helped the industry work
together to anticipate, respond to and help protect against online
threats by doing the following: -- Protecting more global
customers. As of July 2009, 47 global partners have joined MAPP
since the program's launch. As a result, customers are better
protected from threats more quickly. The number of customers helped
by partner protections ranges from the tens of thousands for
smaller specialist companies to hundreds of millions for
mass-market vendors. -- Decreasing the attack window. In the race
between exploit and protection, information shared through MAPP is
helping decrease the risk of attack. For example, Sourcefire Inc.
indicates that before MAPP, it took around eight hours to
reverse-engineer, develop proof-of-concept (PoC) code and then
build the exploit detection for a vulnerability. With MAPP, the
process for Sourcefire takes about two hours, which is a 75 percent
decrease. "Our relationship with Microsoft through MAPP gives us
the ability to deploy quality protections as soon as the Microsoft
security bulletins are made public," said Jason Avery, security
analyst with TippingPoint Technologies Inc. "The vulnerability
information we receive through MAPP allows us to keep our Intrusion
Prevention System filters as current as possible, helping ensure
our customers get the best protection against malicious exploits."
"In the race between exploit and protection, it is clear that
collaboration is key to shifting advantage to the security industry
and better protecting customers from the ever-changing threat
landscape," said George Stathakopoulos, general manager of the
Trustworthy Computing Group at Microsoft. "Microsoft is continuing
to take a community-based defense approach and partnering with
others in the industry to help protect more customers." The
Microsoft Exploitability Index has also proven an effective and
reliable resource to help customers better assess risk. Of the 140
Exploitability Index ratings Microsoft provided from October 2008
to June 2009, only one had to be modified -- a 99 percent
reliability rate. In addition, to help customers better protect
themselves, Microsoft released new tools and guidance that make it
easier to measure and manage risk today: -- Microsoft Security
Update Guide. Written to help customers better manage risk, the
Microsoft Security Update Guide outlines Microsoft's resources,
processes and practices surrounding its security release process.
Available for download, the guide helps customers plan for security
releases, improve risk evaluation decisions and highlight the
resources available to help customers deploy updates quickly with
minimal disruption to their IT environments. -- Project Quant. This
Microsoft-sponsored, open community project is aimed at developing
an update management cost model that IT departments, analysts and
consultants can use to establish common baselines and improve their
processes and practices. A Project Quant report containing a
description of the update management model, including the
community-developed update management cycle and associated details
concerning each phase of the update cycle, is available for
download. -- Microsoft Office Visualization Tool (OffVis). A free
tool designed to help combat file format-based software
vulnerabilities and exploits, OffVis will allow customers to better
understand and deconstruct Microsoft Office-based attacks. As a
result, security vendors can build deeper, more precise malware
detection signatures and develop new techniques for analyzing
malware. The tool is available for no-charge download. As the
global threat landscape continues to evolve, Microsoft is committed
to driving advances in industry collaboration and information
sharing, and providing the tools and guidance to help customers
anticipate and manage the threats they face online. Founded in
1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in
software, services and solutions that help people and businesses
realize their full potential.
http://www.newscom.com/cgi-bin/prnh/20000822/MSFTLOGO
http://photoarchive.ap.org/ DATASOURCE: Microsoft Corp. CONTACT:
Rapid Response Team, Waggener Edstrom Worldwide, +1-503-443-7070,
Web Site: http://www.microsoft.com/
Copyright