Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Interflow announced today at 26th FIRST conference

Published: 2014-06-23
Last Updated: 2014-06-23 16:36:49 UTC
by Russ McRee (Version: 1)
0 comment(s)

Microsoft announced a private preview of Microsoft Interflow today in timing with the 26th FIRST Conference in Boston. While its not available for general release yet this is the first public announcement of a project I've been tracking internally for awhile (I work at MSFT). Be patient, your opportunity is coming, this is good news for the DFIR community. Microsoft Interflow is a security and threat information exchange platform for professionals working in cybersecurity and allows collaboration for a collectively stronger ecosystem, action prioritization through automation, and integration via plug-in architecture. There's a write-up on the benefits as well as an FAQ so you can learn more. Microsoft Interflow, as security automation platform for the exchange of security and threat information, is based on the STIX (Structured Threat Information eXpression), TAXII (Trusted Automated eXchange of Indicator Information), and CyBox (Cyber Observable eXpression standards) specifications. This is all good news as it means that we're getting closer to general release.

Russ McRee | @holisticinfosec

 

0 comment(s)
ISC StormCast for Monday, June 23rd 2014 http://isc.sans.edu/podcastdetail.html?id=4033
Diary Archives