Microsoft forms broad alliance to meet security response needs
Microsoft has formed the Microsoft Security Response Alliance (MSRA), the latest evolution in Microsoft's efforts to build strong alliances with partners in the security response ecosystem.
Founded in experience.
The MSRA builds on the fundamental underpinnings developed by the following alliances:
Virus Information Alliance
Microsoft Virus Initiative
Microsoft Security Support Alliance
Global Infrastructure Alliance for Internet Safety
Microsoft Security Cooperation Program
These alliances provide the baseline framework for how to build strong, valuable alliances that allowed security response and research with multiple partners, vendors, governments, and infrastructure providers to collaborate in a secure and timely manner
Providing streamlined collaboration.
The MSRA allows Microsoft to take lessons learned from those individual alliances and use them to build a comprehensive, consolidated alliance framework that can help meet the security response needs of Microsoft customers.
The MSRA will provide the following:
A new interactive Microsoft Security Response Portal that streamlines collaboration between these partners and Microsoft
A common communication framework with which to share security response information.
Escalation contacts into Microsoft Security Response and Support Teams.
An annual Worldwide Security Response and Safety Summit hosted by Microsoft.
In addition, Microsoft will have a dedicated forum within the Security Response Portal for the anti-virus researcher community to continue to work with Microsoft and provide feedback and input on new Microsoft product releases and ways we can continue to improve the security of the Microsoft platform and its products.
Strong member organizations.
The Global Infrastructure Alliance for Internet Safety (GIAIS)
GIAIS is an alliance of the world's leading Internet Service Providers, which have organized to improve security and safety on the Web, manage threats consistently across a broad spectrum, and identify and mitigate existing vulnerabilities.
The Microsoft Virus Initiative (MVI)
MVI enables Microsoft to share key technical details of Microsoft technologies with our security research partners to provide a better together integration experience designed to help protect our shared customers from malicious software.
Virus Information Alliance (VIA)
VIA is a collaborative effort between Microsoft and several of our anti-virus partners to provide our customers with detailed information on significant viruses that are affecting Microsoft products and our customers. Members of this alliance exchange valuable technical information on newly discovered viruses so that we can more quickly communicate to customers their targets, impact and methods of remediation.
Microsoft Security Cooperation Program (SCP)
SCP provides a framework for information exchange and collaboration with organizations responsible for public sector IT infrastructure, law enforcement, public safety, and education. As a security partner, Microsoft can help public sector entities address threats to information security, economic strength, and public safety efficiently and effectively.
SCP consists of three public sector sub-programs:
SCPg: SCPg provides a structured way for governments and Microsoft to engage in cooperative security activities in the areas of computer incident response, attack mitigation, and citizen outreach. The goal of SCPg is to help governments address threats to national security, economic strength, and public safety more efficiently and effectively through cooperative projects and information sharing.
SCPe: SCPe provides a structured way for Microsoft to engage with higher education in the areas of security analysis and response, attack mitigation, and student/faculty outreach. SCPe enables the exchange of security information between Microsoft and SCPe participants. This information may be used to mitigate the negative effects of a cyber attack, allowing both Microsoft and SCPe participants to respond rapidly to attacks when they occur.
SCPcert: SCPcert is a program for national, regional, or population-based CERTs, CSIRTS, and other Response and Guidance organizations that represent a nation, region, or population. This program provides these CERTs a structured and collaborative environment to come to for information on threats to Microsoft products that affect their stakeholders, to receive detailed information on those threats, and to share information with Microsoft and other CERTs.
Microsoft Security Support Alliance (MSSA)
The MSSA provides authoritative and timely information on newly discovered security threats to our OEM partners and allows them to exchange security information to better communicate to customers the impact and available remediation to these threats.
Security Alliance for Financial Institutions (SAFI)
SAFI is an alliance between Microsoft and worldwide financial institutions organized to improve computer security incident response, better the computer threat and attack information sharing, and strengthen the outreach with the banking industry. This collaboration is aimed at ensuring a secure and healthy computing ecosystem.
For more information about the Microsoft Security Response Alliance you can email us at: msra@microsoft.com.
