Last Updated: 2014-06-23 16:36:49 UTC
by Russ McRee (Version: 1)
Microsoft announced a private preview of Microsoft Interflow today in timing with the 26th FIRST Conference in Boston. While its not available for general release yet this is the first public announcement of a project I've been tracking internally for awhile (I work at MSFT). Be patient, your opportunity is coming, this is good news for the DFIR community. Microsoft Interflow is a security and threat information exchange platform for professionals working in cybersecurity and allows collaboration for a collectively stronger ecosystem, action prioritization through automation, and integration via plug-in architecture. There's a write-up on the benefits as well as an FAQ so you can learn more. Microsoft Interflow, as security automation platform for the exchange of security and threat information, is based on the STIX (Structured Threat Information eXpression), TAXII (Trusted Automated eXchange of Indicator Information), and CyBox (Cyber Observable eXpression standards) specifications. This is all good news as it means that we're getting closer to general release.