All needed information about MVI are here: https://learn.microsoft.com/en-us/defender-xdr/virus-initiative-criteria

You can request membership if you’re a representative of an organization that develops antimalware products. This membership is not something optional or nice-to-have: it is the only way to receive the private API to control Windows Security Center.

Not all applicants are accepted into the program.

To be considered for the MVI program, your organization must meet all the following requirements:

  1. Your commercially available security solution must provide real-time protection that detects, prevents, and remediates malicious software.
    It is not mandatory to have your own antimalware engine. Licensing one is enough.
    It is mandatory to have drivers which provide real-time detection, which can detect and stop malware from execution.
  2. Your organization is responsible for both developing and distributing updates to end-customers that address compatibility with Windows.
    This requirement is more complicated than it seems: It is required that the candidate participates in the SUVP program, which expects you to tests your program with all pre-release versions of Windows, before they are released to end users.
  3. Your organization must be active in the antimalware industry and have a positive reputation, as evidenced by participation in industry conferences, membership in industry organizations, or being reviewed in industry-standard reports such as AV-Comparatives, OPSWAT, or Gartner.
    It requires continuous involvement in the AV industry, like participating to conferences, publishing research papers, and so on.
  4. Your organization must sign a non-disclosure agreement (NDA) with Microsoft.
  5. Your organization must sign a program license agreement.
  6. Your organization must be active in the program and meet all program requirements.
    Some of these requirements are under NDA, thus they can’t be mentioned here.
    Most important requirements are: Hardware agreement, ELAM driver
  7. Your security solution must meet all program requirements, which requires use of Trusted Signing.
    Same as above.
  8. Your security solution must have been certified within the last 12 months through independent testing by at least one of the organizations listed below. Yearly certification must be maintained.
    Your company will need to support the costs for continuous certification.

 

Dealing with Microsoft is not easy. As a warning, submitting for membership without meeting all criteria will give you a slower or non-existent response in future contacts.

Don’t risk your membership, talk to us first.