You can't use Microsoft and security in the same sentence unless you put "lack of" before security or "after-thought" at the end.
Microsoft brings own security info exchange to the world
Microsoft has announced a “a security and threat information exchange platform for analysts and researchers working in cybersecurity.” Dubbed “Interflow”, Redmond says the new service is “a distributed system where users decide what communities to form, what data feeds to bring to their communities, and with whom to share data …
-
-
Tuesday 24th June 2014 14:47 GMT Crazy Operations Guy
The truth is that every piece of code can have exploitable holes. It is foolish to think that just because someone did (Or didn't) write a piece of code, that its secure. All programmers are humans and humans make mistakes; this includes every from the barely competent programmer at a cut-rate body shop in China, to a highly-paid programmer in a software company's shiny office, to Linus or ken themselves; they all make mistakes and they're be security holes (While some people have much lower rates, it'll still be greater than zero)
-
Wednesday 25th June 2014 20:20 GMT Jasey
they're getting better
Microsoft has taken security seriously for a number of years now, really beginning with Windows Vista (as awful as it was).
They are still not as good at it as they should be, but I'm optimistic about their future especially once Balmer is history.
The truth is, many corporations rely on Microsoft products from the data center to edge to the desktop. Anything that Microsoft can release to make sharing security information among other applications is great. The fact that they are using industry standards like STIX, TAXII, and CybOX is just a bonus. For once they are not reinventing the wheel. Of course it remains to be seen how they implement it, but it bodes well for interoperability.