X

Symantec, Microsoft cooperate on security

Despite earlier tussle, the two companies announce joint participation in a forum aimed at promoting security best practices.

Andrew Donoghue Special to CNET News.com
2 min read
Antivirus specialist Symantec has joined a security organization alongside Microsoft, despite having previously come to very public blows with the software giant over its willingness to share security information on Vista.

Symantec and Microsoft announced Tuesday at the RSA Conference Europe 2007 that they will join the Software Assurance Forum for Excellence in Code (SafeCode), a not-for-profit organization aimed at increasing trust around IT. Other members include EMC, SAP and Juniper Networks.

Commenting on questions about the recent argument between his company and Microsoft over Vista application programming interfaces (APIs), Ilias Chantzos, Symantec's government relations manager for EMEA, said that the two organizations would cooperate in SafeCode to benefit customers.

"We have a multifaced relationship with Microsoft, and we are keen to work with them. That will ultimately benefit our customers. I see this relationship as complementary rather than competitive," Chantzos said.

Last year, security companies, including Symantec and McAfee, complained that Microsoft had locked them out of the Windows kernel. The security companies claimed that a kernel shield developed by Microsoft, called "PatchGuard" and intended to stop hackers attacking 64-bit versions of Vista, blocked their security products too.

Microsoft eventually agreed to provide security companies with access to the 64-bit APIs but didn't actually provide access until two months after it had officially relented.

Microsoft had long maintained that a complete lock on the kernel would provide the best operating system security and stability, but it made concessions in response to antitrust concerns raised by officials in Europe and Korea.

SafeCode is being headed up by cybersecurity expert Paul Kurtz, who was one of the founding members of the Cyber Security Industry Alliance and a former White House National Security Council and Homeland Security Council member under Presidents Bush and Clinton.

Kurtz said that the organization is the first global industry-led body aimed at the development and delivery of more secure and reliable hardware software and services.

"Where are the best practices? Everyone talks about them, but how do you find them? SafeCode is going to bring those best practices into one place so that government, consumers and businesses can make best use of them," Kurtz said.

Kurtz added that SafeCode will be assembling an advisory group of government leaders and critical infrastructure operators from around the world to help with its mission.

The organization will be funded via a $50,000 membership fee levied on each of the members, Kurtz added.

"We want to be seen as an organization that government and industry can turn to and say: 'Can you help us with this?'" Kurtz said.

Andrew Donoghue of ZDNet UK reported from London.