Microsoft engages with the security community through a variety of programs
As a community we are all interested in better securing our customers and businesses. We believe that engaging the community and contributing back best practices will further that shared goal. Through cooperation we can address the threats in the ecosystem.
Microsoft Active Protections Program (MAPP)
MAPP is a program for security software providers. Members of MAPP receive security vulnerability information in advance of Microsoft's monthly security update. The goal of this program is to enable MAPP partners to update their Active Protections in order to protect customers before attackers can exploit vulnerabilities.
Forum of Incident Responders & Security Teams (FIRST)
FIRST is a vibrant community of CSIRT and PSIRT teams spread across the world. We come together to learn, share, and advance security across the ecosystem. Microsoft is active in many aspects of the FIRST community. You can find us in the Vendor, CVSS, Multi-party Vulnerability Disclosure, PSIRT Framework, Ethics, and Vulnerability Coordination SIGs. If you attend the annual conference, you will find us on stage, providing workshops, and in the crowd. We look forward to collaborating and sharing in this forum.
Industry Consortium for the Advancement of the Internet (ICASI)
Microsoft is a founding member of ICASI. This is an industry group where technology companies with mature security response processes come together to solve cross-industry problems and advance security across the ecosystem. Through ICASI we created the CSRF standard to help customers automate intake of security data from vendors. ICASI also serves as a third party broker for multi-party vulnerability disclosure.