Microsoft has launched the private preview of a new platform called Interflow today, which it hopes will help security professionals significantly cut down the amount of time it takes to respond to potential threats.
Announced in a blog post, the new platform – which grew out of its work with MAPP (Microsoft Active Protections Platform) - takes industry specifications to create an automated feed of machine-readable threat information that can be shared across industries and groups. Microsoft said that as it’s a distributed system, each user gets to decide which information or feeds are most relevant to their communities, and even which communities need to be established in the first place.
The platform also supports open specifications (like STIX – Structured Threat Information eXpression, TAXII – Trusted Automated eXchange of Indicator Information and CybOX – Cyber Observable eXpression) which means it will integrate with existing systems and avoids any potential data lock-in.
Microsoft had been testing the platform internally with its own security teams up, but now other organizations (which have their own dedicated security incident response teams) can enquire about the private preview through their account managers. Ultimately, Microsoft said it plans to make Interflow available to all members of MAPP in due course.
As recent events like Feedly’s downtime or Pinterest’s spam hack show, network security is essential for any company and being able to respond to threats as they happen is essential in fending off attacks.
Featured Image Credit – Jon Russell/Flickr