MAPP Partnership Expansion to Boost Threat Response

Fighting security threats is a never-ending job. And Microsoft can’t do it alone.

Fortunately, we have a wide range of dedicated partners in the industry and government to help us detect and respond to attacks as they occur, and to help protect our customers over the long term.

One of our most successful partnership efforts is the Microsoft Active Protections Program (MAPP), through which we share threat information with security vendors ahead of our regular monthly security updates.

Launched five years ago, MAPP gives vendors more time to develop and deploy signature-based protections for their customers, helping them stay a step ahead of the bad actors who write programs to exploit software vulnerabilities when we release updates to address them.

Recently, the Microsoft Security Response Center (MSRC) announced that MAPP would be expanded, adding more partners and giving our top collaborators even more time to create more comprehensive, higher-quality protections. You can read all the details in our annual MSRC Progress Report.

Here are some of the highlights:

MAPP forSecurity Vendors will replace the original MAPP, which was launched five years ago. As part of our monthly security bulletin release process, we will engage certain partners to help validate our guidance prior to final release. In addition, those MAPP partners will receive detailed data on the vulnerabilities Microsoft intends to patch three business days prior to Update Tuesday. Previously, we have only provided one day’s notice.

MAPP for Responders is a new initiative that will share threat intelligence information, including malicious URLs, file hashes, incident data and detection guidance, with a broader audience. Sharing this information helps frontline defenders detect and disrupt attacks, and contain issues as they occur. Over time, MAPP for Responders will build a community geared toward information exchange.

MAPP Scanner is a new cloud-based service that allows participants to submit Office documents, PDF files, and URLs to be scanned for threats, thus boosting our ability to discover new, previously unknown attacks and attack vectors. Currently in a pilot program with select partners, this service leverages our own product knowledge, processes and internal investigation tools.

These new programs are part of our broader, end-to-end strategy to increase protection for our customers. For more details, please read the MSRC Progress Report. Additional summaries can be found on our MSRC Blog and BlueHat Blog.

About the Author
Adrienne Hall

General Manager, Trustworthy Computing

Adrienne Hall is a General Manager in the Microsoft Trustworthy Computing group, where she leads a team of information technology (IT) professionals who are focused on the security, privacy, reliability, and accessibility of devices and services built on Microsoft technology. Read more »