Information Sharing and Exchange
The mission of Microsoft’s Government Security Program (GSP) is to build trust through transparency. Since the program’s inception in 2003, Microsoft has provided visibility into our technology and security artifacts which governments and international organizations can use to help protect themselves and their citizens. The Information Sharing and Exchange offering enables Microsoft to share and exchange materials about threats, vulnerabilities, anomalous behavior, malware information, and security issues against or related to Microsoft products and services. This offering brings together groups and resources across the Microsoft environment to help governments protect citizens, infrastructure, and government agencies.
The Information Sharing and Exchange offering provides
Advance notification of security updates
5-day advance notice of vulnerabilities with release notes and the affected software tables and 24-hour advance notification of public vulnerability announcements.
IP Addresses of Infected Devices
Microsoft’s Digital Crimes Unit (DCU) provides a sinkhole database of the malware-generated botnet feeds of infected hosts on a per-country basis.
Malicious URL Directory
A malicious URL directory identified by Bing as being malicious is updated multiple times each day.
Clean File Metadata
Clean file metadata helps identify files that are truly from Microsoft by using the cryptographic signatures of all Microsoft files.
Opportunities to work with and exchange information about cybersecurity threats and vulnerabilities through many different forums including community portals, conferences, digital communications, and direct engagement with a variety of Microsoft teams including engineering groups, as well as the Microsoft Security Response Center (MSRC) and Microsoft Malware Protection Center (MMPC).
Example of data use:
A government CERT identifies IP addresses associated with the Simda botnet in the Cyber Threat Intelligence Program (CTIP) botnet feed for their country.
The CERT notifies the IP address owners that they are likely infected with Simda and provides clean-up instructions and remediation guidance.
Contact your local Microsoft representative or email firstname.lastname@example.org to learn more about the Government Security Program