Microsoft 11806 Published by

The Microsoft Digital Crimes Unit, known for dismantling botnets like Kelihos and Rustock, is testing a new service to distribute threat data in real time to governments and partners.



Form ArsTechnica:
Microsoft employees revealed their plans at the International Conference on Cyber Security in New York, according to Kaspersky Lab's ThreatPost blog. The service is undergoing beta tests internally on a 70-node cluster running Hadoop on top of Windows Server, and stores data captured from botnet takedowns and other sources, such as the IP addresses of infected systems. Personally identifiable information would be stripped out of any threat feed provided to partners.

"Microsoft collects the data by leveraging its huge Internet infrastructure, including a load-balanced, 80gb/second global network, to swallow botnets wholepointing botnet infected hosts to addresses that Microsoft controls, capturing their activity and effectively taking them offline," Kaspersky reported.
  Microsoft building real-time security threat feed for governments, partners