Microsoft today announced the launch of Interflow, a security and threat information exchange platform for professionals working in cybersecurity. The service is now in private beta. Microsoft wants to eliminate manual processes, rapidly detect and analyze using automated machine-to-machine shared security and threat information, while helping reduce cost of defense. It is built based on the STIX (Structured Threat Information eXpression), TAXII (Trusted Automated eXchange of Indicator Information), and CyBox (Cyber Observable eXpression standards) specifications.
Interflow enables automated machine-to-machine exchange of security and threat information, using community-driven format and structure specifications. It allows users to create their own sharing communities, and define what to share and with whom. Interflow’s filtering capabilities enable users to create watch lists and prioritize rapid action, instead of manual compilation of data. Through Interflow’s watch lists, customers no longer have to look for needles in a haystack.
Organizations and enterprises with dedicated security incident response teams can inquire about the private preview through their Technical Account Managers or by emailing [email protected]. Microsoft plans to make Interflow available to all members of the Microsoft Active Protections Program (MAPP) in the future.
Microsoft also announced that private preview Interflow is free for Microsoft Azure subscribers. You can get more information on Microsoft Interflow on the MSRC blog or visit www.microsoft.com/interflow.