MAPP Active Protections Form
Total Page:16
File Type:pdf, Size:1020Kb
MAPP Active Protections Form
Hello MAPP Applicant,
Thank you for your interest in joining the Microsoft Active Protections Program (MAPP). You have read and indicated that you meet the initial MAPP criteria, and now we need to collect additional information to finalize your eligibility. Please provide the information requested below and send this completed form to [email protected]
(Please complete all of the following questions and provide as much detail as possible to assist us in the evaluation process.)
Please verify that you have active protections as defined: “Active protection technologies” are technologies that by themselves can protect a Microsoft system by either blocking, defending or detecting exploitation attempts without the availability of a Microsoft update.
Yes No
Which of the following technologies does your company provide as a service or product? Check all that apply:
File Based Technologies Host Based Technologies Network Based Technologies Intrusion Prevention Systems Intrusion Detection Systems Signature-based Statistical anomaly-based
List the names of any products, including related information that will specifically utilize MAPP vulnerability information for product updates.
Product Name #1: Product Url: Product Specifications: Coverage by Region:
Product Name #2: Product Url: Product Specifications: Coverage by Region:
Provide a detailed technical explanation of how you will use vulnerability data provided to you by MAPP to develop active protections to block, defend or detect exploitation attempts. Provide a detailed example of a Microsoft vulnerability (already patched with public CVE) and how you would create detections for that vulnerability?
Please describe your signature development or product update cycle and how long it takes betwe en development, QA and public release? Based on this process, how often are signatures, detections or product updates delivered (what is your regular frequency and what is your ability to respond rapidly)?
Are all signatures/product updates developed in-house by your organization? Please provide a statement confirming that your signatures/product updates are developed in-house.
What policies or guidelines do you have in place for secure handling of data provided to you by MAPP? E.g. what is your level of encryption? Do you have handling protocols such as ISO/IEC 27001?
Do you currently have the ability to collect telemetry based on the detections developed from MAPP detection guidance?.
Yes No, please explain:
If yes, are you able to share this telemetry with Microsoft?
Yes No, please explain:
A report of the protections you’ve created by CVE is required. Are you able to comply?
Yes No, please explain:
Microsoft is interested in threat information exchange and MAPP partners who participate benefit by receiving more information from Microsoft and sometimes, receiving information earlier in the process. If you have threat information (malicious URLs, Passive DNS, IP Reputation, Botnet C2, etc.) are you interested in this type of exchange?
Yes No
If yes, in what timeframe would you be able to automate daily threat feeds to Microsoft? 0 – 30 days 30 – 60 days 60 – 90 days 90 + days
Does your company have a dedicated Threat Intelligence team?
Yes No
If yes, is the team or contact different from who will be handling MAPP vulnerability data? Yes, please provide contact information: No
Please provide an estimate of your customer base that are Microsoft users, which are protected b y your company’s technology. Can you provide proof of this customer base if asked?
What are the main geographical regions that your company offers protection coverage in?
I certify that the information provided in this application is, to the best of my knowledge, true and correct and that I have not knowingly withheld any relevant information. I understand that Microsoft reserves the right to accept or reject my application in its sole discretion for any or no reason.
Partner Name:
Signature:
Print Name:
Title:
Email:
Date: