May 23rd, 2012 | Information Security
The framework has also recently received an update but, most important of all, has also received a very prominent backer: Microsoft.
“Even though many vendors have followed Microsoft’s lead in providing comprehensive security updates to customers, the formats vendors use vary. CVRF provides the entire industry with a way to share and present data in a coordinated and structured manner,” stated Mike Reavey, Senior Director with Microsoft Security Response Center, and announced that Microsoft has presented the latest monthly security updates (released on May 8) in the CVRF format.
Extolling the virtues of the format, Reavey pointed out that even though home-computer users or small businesses haven’t got much use for it, big businesses could do without continually “copying and pasting” Microsoft’s security bulletin content into their risk management systems, spreadsheets and corporate notification emails manually as part of their IT security compliance and remediation task list.
“For these customers, this machine-readable format may enable more efficiency and automation. Faster and more efficient guidance for these customers means they can more quickly ensure protection, which is always our goal,” he wrote, and added that Microsoft’s bulletins will continue to be issued also in the current format for those who don’t require automation.
- Automated Penetration Testing with White-Box Fuzzing |…
- 10/1 Ratio of Chinese Coders Looking for Bugs vs. Microsoft…
- Microsoft and NYPD Build Unified Monitoring System
- ATM skimmers don’t even have to be on the ATM |…
- Blizzard Sued for Upselling Security Minimums | Net-Security
- Microsoft Skype Axes Digium | ZDNet
- 20 of the Best IT Security Lessons Ever Learned | The State…
I’d love to hear from you. If you’d like to connect or respond, please reach out via Twitter, using DISQUS below, or by email. Also consider subscribing to the site via RSS and checking out my other content.blog comments powered by Disqus