Ref: http://www.microsoft.com/security/msrc/collaboration/mapp.aspx
The Microsoft Active Protections Program (MAPP) is a program for security software providers. Members of MAPP receive security vulnerability information from the Microsoft Security Response Center (MSRC) in advance of Microsoft’s monthly security update. When MAPP partners receive vulnerability information early, they can provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. Even with these protections, Microsoft recommends that customers deploy security updates to help prevent exploitation of vulnerabilities as quickly as possible. Get an Early Start on Building Protections The amount of time between the release of a Microsoft security update and the release of exploit code for that update continues to shorten. MAPP gives security software providers early access to vulnerability information. Before this program, security software providers had to wait until the public release of a security update before building protections. With MAPP, security software providers can deliver protection features to customers more quickly. Microsoft Active Protections Program Criteria Because of the sensitive nature of the information shared through MAPP, Microsoft has defined objective and measureable eligibility criteria for participants in MAPP. MAPP members must: - Execute a Non-Disclosure Agreement with Microsoft. - Create *active* application-based or network-based protections commercially for Microsoft products. (Active protections are software security measures that can detect and defend a Microsoft system from intrusions. Active protection technologies can protect a Microsoft system by themselves, by either blocking or defending against any exploitation attempts without the availability of a Microsoft update.) - Serve a significant Microsoft customer base of 10,000 users or more. - Not be a primary seller of a commercial products used to attack or weaken the security of networks or applications. - Adhere to and practice some form of responsible disclosure. - Agree to publish monthly protections only on the date of bulletin release, and not before. - Not use program data directly in any product. (Copying and pasting program data is prohibited.) - Agree to be featured as a member of the program in promotional materials about the program. *Note:* Microsoft solely retains any and all discretion as to whether a particular entity meets the criteria, and if so, whether a participant may stay in the program. Join the Microsoft Active Protections Program Security software providers who meet the above criteria can e-mail mailto:[email protected] <[email protected]>. The program is open for enrollment. -------------------- Regards -------------------------- Sandeep Thakur -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
