Skip to main content
Rate:  

 

Microsoft Active Protections Program Criteria

Thank you for your interest in the Microsoft Active Protections Program (MAPP).

Microsoft has defined objective, measurable, and tailored membership criteria for prospective participants. The criteria is designed to ensure that Microsoft is able to work with security software providers to protect a broad range of customers. We will evaluate the criteria continuously, based on customer and partner feedback, to determine if it needs to be refined.

MAPP has open enrollment for software security providers. Please find below the initial selection criteria to request application to MAPP. For additional information, please see these Frequently Asked Questions.

Microsoft reserves the right to make membership decisions in its sole discretion. All questions about membership applications should be sent to: mapp@microsoft.com.

Please complete this questionnaire to request application to MAPP:

All fields are required to move forward.

  1. Are you willing to sign a Non-Disclosure Agreement with Microsoft?

    Yes No

  2. Do you adhere to and practice some form of coordinated vulnerability disclosure?

    Yes No

  3. Do you have a Microsoft customer base of 10,000 users or more?

    Yes No

  4. Are you willing to have your company name and URL displayed on our MAPP website??

    Yes No

  5. Are you willing to actively create updated protections on a regular basis based upon the data provided by Microsoft through MAPP?

    Yes No

  6. Do you agree to publish monthly protections derived from MAPP information only after Microsoft’s public security update release?

    Yes No

  7. Do you provide active protection technology for Microsoft products and is your product commercially available? (Active protection technology is the ability of software to detect intrusions into a Microsoft system or defend a Microsoft system from exploitation attempts without the availability of a Microsoft security update for the issue being exploited. For example, antivirus definitions that trigger malicious behavior or IDS signatures that block exploitation attempts are active software security protections.)

    Yes No

  8. Do you sell or create products used to attack or weaken the security posture of networks or applications? For example, penetrating testing tools or exploit framework.

    Yes No