Patch me if you can: Cyberattack Series
The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment.
Today, the Microsoft Security Response Center (MSRC) announced the private preview of Microsoft Interflow. This is a security and threat information exchange platform for cybersecurity analysts and researchers.
Interflow provides an automated machine-readable feed of threat and security information that can be shared across industries and community groups in near real-time. This platform provides this information using open specifications STIX™ (Structured Threat Information eXpression), TAXII™ (Trusted Automated eXchange of Indicator Information), and CybOX™ (Cyber Observable eXpression standards). This enables Interflow to integrate with existing operational and analytical tools that many organizations use through a plug-in architecture. It has the potential to help reduce the cost of defense by automating processes that are currently performed manually.
You can get more information on Microsoft Interflow on the MSRC blog, and as well as in this FAQ and at www.microsoft.com/interflow.
Tim Rains
Director
Trustworthy Computing