Windows Security Center integration
MVI – Microsoft Virus Initiative
Microsoft requires certain things from companies developing security products.
If you’re serious in selling an AV product on Windows, you need certain APIs which are related to Windows Security Center / Action Center. You can get this API only if you are a member in the Microsoft Virus Initiative (MVI).
The Microsoft Virus Initiative (MVI) helps organizations to get their products working and integrated with Windows and to develop better-together security solutions that are performant, reliable, and aligned with Microsoft technology and strategy.
Become a member
You can request membership if you’re a representative for an organization that develops and produces antimalware or antivirus technology.
To qualify for the MVI program, your organization must meet all the following requirements:
- Your security solution either replaces or compliments Microsoft Defender Antivirus.
- Your organization is responsible for both developing and distributing app updates to end-customers that address compatibility with Windows.
- Your organization must be active in the antimalware industry and have a positive reputation, as evidenced by participation in industry conferences or being reviewed in an industry-standard report such as AV-Comparatives, OPSWAT, or Gartner.
- Your organization must sign a non-disclosure agreement (NDA) with Microsoft.
- Your organization must sign a program license agreement. Maintaining this license agreement requires that you adhere to all program requirements for antimalware apps. These requirements define the behavior of antimalware apps necessary to ensure proper interaction with Windows.
- You must submit your app to Microsoft for periodic performance testing and feature review.
- Your solution must be certified through independent testing by at least one industry-standard organization, and yearly certification must be maintained.
|Test Provider||Lab Test Type||Minimum Level / Score|
|AV-Comparatives||Real-World Protection Test|
|“Approved” rating from AV Comparatives|
|AV-Test||Must pass tests for Windows. Certifications for Mac and Linux aren’t accepted|
|Achieve “AV-TEST Certified” (for home users) or “AV-TEST Approved” (for corporate users)|
|ICSA Labs||Endpoint Anti-Malware Detection|
|NSS Labs||Advanced Endpoint Protection AEP 3.0, which covers automatic threat prevention and threat event reporting capabilities|
|“Neutral” rating from NSS|
|SKD Labs||Certification Requirements Product: Anti-virus or Antimalware|
|SKD Labs Star Check Certification Requirements Pass >= 98.5% with On Demand, On Access and Total Detection tests|
|SE Labs||Protection A rating or Small Business EP A rating or Enterprise EP Protection A rating|
|Home or Enterprise “A” rating|
|VB 100||VB100 Certification Test V1.1|
|West Coast Labs||Checkmark Certified|
|“A” Rating on Product Security Performance|
MVI members receive access to Windows APIs and other technologies including IOAV, AMSI and Cloud files. Members also get malware telemetry and samples and invitations to security related events and conferences.
Sounds easy, right ?
Theoretically, it is easy. The only thing is that Microsoft is overwhelmed with requests and questions. Most probably, you will never get any answer, and even if you get, they will require you to fulfill all the above conditions before applying.
We will work with you to get your company in the Antivirus Vendor page, we will build your product, will get your product accepted by Microsoft and deliver it to your customers.
Here are some steps required:
- Help you to get a 3rd party certification of your detection capabilities
- Set up the basics to deal with Microsoft
- Help you apply correctly to MVI
- Walk with you all the way through certification
We have helped more than 10 companies to become members of MVI.
After the admission in MVI:
- We work with your team to:
- Integrate the API you obtain from Microsoft
- Create the tool for interacting with the Action Center according to the Windows version (using the private API or the ELAM/PPL)
- Make it user friendly and test it with additional OSs.
- Modify the updater to interact with the Action Center
- Modify the licensing manager to interact with the Action Center
- Modify the various other product functions to interact with the Action Center
- Submit the kit (the result depends on all of the above)
- Implement the product landing pages
- Implement the incident landing pages
- Make the required tests and adapt the product until you pass
- Test and adapt the product for the Microsoft guidelines of interacting with Action Center (all above situations)
- Test and adapt the product for usability in regards to Windows 10 (which are special requirements)
We can’t do all these steps for you, but will guide and accompany you and your teams in doing them. Some of these steps we can do for you.
Please contact us to get more details.