Microsoft Security Response Center

Locations

United StatesChangeAll Microsoft Sites

Search

Print Email Share
Print Email Share

Microsoft Active Protections Program Criteria

Thank you for your interest in the Microsoft Active Protections Program (MAPP).

Microsoft has defined objective, measureable, and tailored membership criteria for prospective participants. The criteria is designed to ensure that Microsoft is able to work with a defined number of security software providers to protect a broad range of customers. We will evaluate the criteria continuously, based on customer and partner feedback, to determine if it needs to be refined.

MAPP has open enrollment for software security providers. Please find below the initial selection criteria to request application to MAPP. For additional information, please see these Frequently Asked Questions.

Please complete this questionnaire to request application to MAPP:

All fields are required to move forward.

  1. Are you willing to sign a Non-Disclosure Agreement with Microsoft?

  2. Do you adhere to and practice some form of coordinated vulnerability disclosure?

  3. Do you have a Microsoft customer base of 10,000 users or more?

  4. Are you willing to have your company name and URL displayed on our MAPP website?

  5. Are you willing to actively create updated protections on a regular basis based upon the data provided by Microsoft through MAPP?

  6. Do you agree to publish monthly protections derived from MAPP information only after Microsoft’s public security update release?

  7. Do you provide active protection technology for Microsoft products and is your product commercially available? (Active protection technology is the ability of software to detect intrusions into a Microsoft system or defend a Microsoft system from exploitation attempts without the availability of a Microsoft security update for the issue being exploited. For example, antivirus definitions that trigger malicious behavior or IDS signatures that block exploitation attempts are active software security protections.)

  8. Do you sell or create products used to attack or weaken the security posture of networks or applications? For example, penetrating testing tools or exploit framework.

Check My Answers

Was This Information Useful?