How Microsoft's Team Effort Approach Improves Security
Microsoft announced new security initiatives and tools today at the Black Hat security conference in Las Vegas. The focus on partnership with other tech and security vendors helps identify threats and vulnerabilities more quickly, and demonstrates that Microsoft understands that effective security is a team effort.
The premature disclosure of a Windows vulnerability a couple months ago led to a renewed debate on the ethics of vulnerability disclosure. Microsoft wants to shift the culture of vulnerability and security research from "responsible disclosure" to "coordinated vulnerability disclosure".
With the Microsoft approach, security researchers and software vendors will cooperate to develop solutions--hopefully before the vulnerability is discovered by attackers of starts to be actively exploited. Only in the event of active attacks should details of the vulnerability be shared with the general public, and even then the disclosure should be coordinated responsibly.
Aside from shifting the focus of vulnerability disclosure, Microsoft is also fostering partnership and teamwork among customers, software developers, and security vendors with MAPP (Microsoft Active Protections Program). MAPP improves security and minimizes the window of opportunity for attack once a patch is released by preemptively keeping all parties in the loop.
Microsoft announced that Adobe is joining MAPP as well. Mike Reavey, director of the Microsoft Security Response Center at Microsoft said in a press release "We're excited about extending the benefits of MAPP to Adobe users as we've seen clear evidence of its impact in advancing customer protections. We continue to encourage the collective industry--from security researchers to vendors to customers--to recognize the responsibility we all share in fortifying the broader computing ecosystem against online crime."
The collaboration between affected companies and security vendors in the wake of the Operation Aurora attacks against Google and other companies in China earlier this year illustrated just how effective such efforts are for identifying and responding to threats. Of course, that coordination came after the fact, so it was a bit like shutting the barn door after the horses have escaped.
With any new threat, each party has only one or two pieces of the puzzle. Flying solo is like trying to guess what the final image of a 1,000-piece puzzle will be based on only the couple pieces you have in your hand. When IT security administrators share information, and when security vendors work together, the pieces of the puzzle come together and help all parties get a clearer view of the big picture in a fraction of the time.
To help guard against new threats--even on legacy Windows platforms or third-party applications--Microsoft is introducing a new tool called EMET (Enhanced Mitigation Experience Toolkit). Microsoft describes EMET, which is expected to be available in August, "EMET is a free tool that brings newer security mitigations to older Microsoft platforms and applications, both third-party and line of business applications. The tool specifically helps block targeted attacks against unfixed vulnerabilities."
The initiatives and tools unveiled by Microsoft will help foster teamwork and partnership among software developers and security vendors that should result in improved security for all.