Security Advisor

Microsoft Previews Security Threat Info Cloud Exchange Platform

Microsoft on Monday announced that its cloud-based Interflow platform -- aimed at sharing security threat data among cybersecurity experts -- has entered private preview.

The new platform, which was announced in a blog post by Jerry Bryant, lead senior security strategist for Microsoft Security Response Center (MSRC), is aimed at providing an up-to-date feed of recent threats to security experts in a timely manner.

"Interflow uses industry specifications to create an automated, machine-readable feed of threat and security information that can be shared across industries and groups in near real-time," wrote Bryant. "The goal of the platform is to help security professionals respond more quickly to threats. It will also help reduce cost of defense by automating processes that are currently performed manually."

Bryant said the inspiration for Microsoft Interflow came from the cybersecurity community unhappy with how data was being organized, governance issues and format mismatches from similar programs like the company's Microsoft Active Protections Program (MAPP), which provides early data on vulnerabilities to software and security experts. Looking to streamline the information, Interflow allows users to choose which online security threat communities to belong to, designate who sees what threat information and choose which threat feeds to stay updated on.

The use of compliance specifications like Structured Threat Information eXpression (STIX), Trusted Automated eXchange of Indicator Information (TAXII) and Cyber Observable eXpression standards (CybOX) allows Interflow to be easily integrated with existing analytical tools.

Bringing both an easy-to-read and security compliant feed of active threats will provide enterprises with cost-saving advantages, especially when paired with Microsoft's cloud platform, according to Bryant. "Running on Microsoft Azure public cloud, Interflow helps to reduce the cost of security infrastructure while allowing for rapid scale-out, a key premise of cloud computing. As Interflow automates the input and flow of security and threat data, organizations are able to prioritize analysis and action through customized watch lists, instead of bearing the cost of manual data compilation."

While Microsoft has been testing this new program internally for some time now, today marks the start of the private preview phase for organizations with security response teams. The company is also showing off Interflow at the security FIRST Conference in Boston, Mass. this week.

About the Author

Chris Paoli is the site producer for and


  • Phishing Tops Concerns in Microsoft Study of Remote Work

    Potential phishing attacks were a top concern of most IT security professionals when organizations switched to remote-work conditions early last year.

  • How To Configure Windows 10 for Intel Optane Memory

    Intel's Optane memory technology can significantly improve the performance of your Windows 10 system -- provided you enable it correctly. A single mistake can render the system unbootable. Here's how to do it the right way.

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

comments powered by Disqus