At Black Hat USA 2009 conference, Microsoft introduced new tools and guidance to help security professionals, better manage online threats. “Microsoft Active Protections Program (MAPP), Microsoft Exploitability Index and Microsoft Vulnerability Research (MSVR) programs increase the level of industry collaboration, and Exploitability Index builds. In “Building a Safer, More Trusted Internet through Information Sharing,” Microsoft outlines how through these programs, customers and partners are better able to evaluate risk and have more access to countermeasures to help combat cyber threats.
Microsoft also released new tools and guidance:
•Microsoft Security Update Guide outlines Microsoft’s resources, processes and practices surrounding its security release process.
•Project Quant is a Microsoft-sponsored, open community project, aimed at developing an update management cost model that IT departments, analysts and consultants can use to establish common baselines and improve their processes and practices.
•Microsoft Office Visualization Tool (OffVis) is designed to help combat file format-based software vulnerabilities and exploits, OffVis will allow customers to better understand and deconstruct Microsoft Office-based attacks.