Microsoft collaborates with the security community and with partners to advance and improve security for customers and the broader security ecosystem.
Security Ecosystem Collaboration
Microsoft works to mitigate exploitation of vulnerabilities in Microsoft software through the collaborative strength of the industry and through partners, public organizations, customers, and security researchers.
Microsoft supports and encourages reasonable or coordinated vulnerability disclosure. Security researchers who report vulnerabilities to Microsoft live and work all over the world. Consequently, security-related conferences and events are held around the globe. The MSRC sponsors and attends many of these conferences and events.
Engaging in the security community by supporting worldwide events helps Microsoft learn about new areas of security related focus and trends, tools and techniques, and related cultural and philosophical elements that affect the security landscape. For more information, see Security Ecosystem Collaboration.
Microsoft Vulnerability Research (MSVR)
MSVR is a program that allows Microsoft to proactively work with the security community in sharing knowledge and best practices. The goal of MSVR is to help foster positive change, which will ultimately improve the security ecosystem for everyone. For more information, see Microsoft Vulnerability Research.
BlueHat Security Briefings
BlueHat is an invitation-only, cutting-edge conference aimed at improving the security of Microsoft products. Microsoft security professionals and external security researchers come together in a relaxed environment that promotes the sharing of ideas and the strengthening of the global security community.
BlueHat continuously seeks out new and innovative material that highlights important emergent technologies, techniques, and industry best practices. For more information, see Microsoft BlueHat Security Briefings.
Microsoft Active Protections Program (MAPP)
MAPP is a program for security software providers. Members of MAPP receive security vulnerability information from the MSRC in advance of Microsoft’s monthly security update.
When MAPP partners receive vulnerability information early, they can provide updated protections to customers via their security software or devices, such as antivirus software, network-based intrusion detection systems, or host-based intrusion prevention systems. Visit the MAPP Partner page to check for the most recent protections. For more information about MAPP, see Microsoft Active Protections Program.