by Colin Neagle,   Network World

Microsoft announced plans to launch a real-time threat intelligence feed at the recent International Conference on Cyber Security. The project’s goal is to stream the company’s security information on dangerous and high-profile threats to organizations running the gamut from business partners and private corporations to domestic and foreign governments.

If the beta test is successful, Microsoft may make the feed publicly available. Microsoft’s T.J. Campana says the feed will serve as a Hadoop-based cluster merged with Windows Server, streaming information from a database that now contains data on the Kelihos botnet Microsoft first reported on in September.

“I don’t see a decrease in threats, but I do see this [feed] limiting the possible damage from a given threat as the community will be able to respond faster,” says Lumension analyst Paul Henry.

Microsoft will need to allay the concerns of privacy skeptics, particularly since the feed will circulate Internet Protocol addresses of systems that are discovered to be elements in large botnets. However, Henry says that security threat information can be exchanged without causing privacy infringement, noting that the Microsoft feed will bear a similarity to practices at the SANS Internet Storm Center.  Report