Microsoft plans on providing new and more efficient ways for security professionals to effectively and swiftly respond to potential threats. This is why the company has just launched the closed preview of a platform named Interflow, designed with cybersecurity in mind.
The platform is said to have been announced in a Microsoft blog post, having stated that it is a product of collaboration with the Microsoft Active Protections Platform. Interflow is designed to “take industry specifications to create an automated feed of machine-readable threat information that can be shared across industries and groups”. Also, Microsoft has stated that users decide which information or feeds are shared with the communities and even which community is required to be established.
Up until now, Microsoft has been testing the platform internally having its own security teams assessing the threats. However, Microsoft states that the platform is available to other companies as well who desire to test and even participate in improving it. The company has also stated that it plans on making Interflow available to all MAPP groups in the future.
In terms of specifications, Microsoft said that Interflow supports a number of open specifications, such as STIX (Structured Threat Information eXpression), TAXII (Trusted Automated eXchange of Indicator Information), as well as CybOX (Cyber Observable eXpression). Given the latter, the platform should integrate with existing systems and avoid potential data locking.
Given that threats and cyber attacks are increasing in number, security is becoming every company’s main priority and being able to respond to cyber attacks at the same time they occur is the best solution in order to have a greater chance of successfully protecting the company network and systems.