Today’s computing security climate is rapidly changing. As threats continue to evolve from mischievous hackers pursuing notoriety to organized criminals stealing data for monetary gain, public concern is escalating. Trustworthy Computing (TwC), launched in 2002, is the Microsoft commitment to providing a more secure, private, and reliable computing experience based on sound business practices. As security risks continue to broaden and intensify, we are expanding our efforts to help protect our customers and build trust in the Internet. Led by some of the world’s top security experts and developers, Microsoft is committed to building more secure software, monitoring and responding to threats as they emerge, and helping others harden their defenses against malicious attacks.
Delivering World-Class Security Response
The MSRC delivers experience, expertise, and dedication to drive Microsoft’s industry-leading, worldwide security response.
Monitoring and Managing Vulnerabilities. The Microsoft Security Response Center (MSRC) identifies, monitors, responds to and resolves security incidents and vulnerabilities in Microsoft software. The MSRC also releases monthly security updates, which can be delivered automatically to customers, and serves as a single, authoritative source for security information—all free of charge.
On Constant Alert. The MSRC is on constant alert for security threats, monitoring security newsgroups, and responding to reported vulnerabilities—365 days a year. The MSRC processes nearly 150,000 emails a year (411 per day) related to the investigation of potential security issues affecting Microsoft products. [To report a suspected vulnerability, email
Ten Years and Counting: Providing Unparalleled Security Response. For over 10 years, the MSRC has been distributing timely security updates and authoritative security guidance, and working with industry partners and the security community. This work helps our customers manage security risks, builds community-based defense capabilities, and enables the development of best practices that have been adopted by others in the software industry.
Responding to Security Incidents. When a security incident occurs, the MSRC leads an unparalleled worldwide response process – the Software Security Incident Response Process (SSIRP). The SSIRP was designed to quickly gain a thorough understanding of security incidents by mobilizing world-class security teams across Microsoft and around the globe—then effectively investigate, analyze, and resolve them.
Authoritative Guidance and Extensive Resources. Microsoft and the MSRC provide an unparalleled array of information, communications, processes, and tools that help IT professionals manage organizational risk.
Active Security Collaboration
The MSRC collaborates with the security community and industry partners to help Microsoft advance and improve security for customers and the broader security ecosystem.
Industry Conferences. Security researchers live and work all over the world, so the MSRC engages the security community by co-sponsoring or attending nearly 50 security conferences worldwide each year, including serving as a prime sponsor at the preeminent Black Hat conference.
BlueHat Security Briefings. The MSRC invites security researchers to Microsoft and hosts a conference to cultivate relationships and to gain insight into emergent security technologies and techniques. This conference helps Microsoft improve product security and provide customers with better defenses.
Microsoft Active Protections Program (MAPP). In advance of Microsoft’s monthly security update release, the MSRC provides vulnerability information to over 50 security software providers. Because these providers receive vulnerability information earlier, customers benefit from enhanced security protections from third-party Intrusion Detection Systems, Intrusion Prevention Systems, or other security software signatures.
Advancing Innovation and Quality
The MSRC has a commitment to excellence, innovation, and quality, which helps Microsoft continually improve and evolve in the security landscape.
MSRC Engineering – a team of security researchers – conducts detailed investigations of Microsoft software security issues and helps prevent software security issues through enhancements to the software development process. The team also provides guidance and information about mitigations and workarounds for vulnerabilities and active attacks, and acts as the engineering leader for any security incidents.
The Microsoft Exploitability Index. Often overburdened and functioning with limited resources, IT professionals require additional information to better evaluate risks. The Microsoft Exploitability Index, launched in October 2008, provides Microsoft customers with additional guidance to better prioritize the deployment of Microsoft security updates. Since its inception, there has been only one rating revision, and that revision lowered the risk assessment severity, which amounts to a 99 percent reliability rate.
Security Intelligence Report. Using data derived from hundreds of millions of Windows users and some of the busiest online services on the Internet, Microsoft provides an in-depth semi-annual perspective and detailed analysis on the changing threat landscape. This report includes software vulnerability disclosures and exploits, malicious software (malware), potentially unwanted software, and data on privacy and breach notifications.
Microsoft Security Update Validation Program. This program provides a small number of dedicated, external participants with limited and very controlled access to security updates. The sole purpose of this program is to test for application compatibility, stability, and reliability in simulated production environments. The end result of this program is higher quality updates for customers, which helps ensure more timely and effective deployment of updates.
Targeted Attacks Video Series
Tim Rains from Microsoft Trustworthy Computing outlines Advanced Persistent Threats in this installment of the Targeted Attacks video series.