Have you ever wondered what goes on when Microsoft is investigating reports of a security vulnerability in one of its products? It turns out that investigating a potential vulnerability and updating over a billion systems around the world requires some very sophisticated engineering practices.
Recently I sat down with some key people on the engineering teams at Microsoft that perform the vulnerability investigations and develop the security updates, to discuss the processes they use. The result is a four-part video series that provides you with more insight into what happens during these investigations than ever before. The lengths that Microsoft goes to in order to minimize disruptions to customer experiences and businesses might surprise and impress you.
RSA Conference 2011 is underway in San Francisco and I was lucky enough to get to attend the conference again this year. Scott Charney, Corporate Vice President of Trustworthy Computing at Microsoft delivered a great keynote, focusing on Collective Defense: Applying Public Health Models to the Internet. Collective defense is a model designed to help manage the threats on an increasingly hostile Internet; to do this we can take some lessons from how public health models have been successful and improve and maintain the health of consumer devices connected to the Internet. Learn more at www.microsoft.com/security/internethealth.
Selectively Filtering Content in Web Browsers Different browsers offer many different mechanisms for selectively filtering content. This post from the Internet Explorer blog explores how these mechanisms work and provides some detail on the subtle or not so subtle differences between them.
Windows Identity Foundation The Windows Identity Foundation (WIF) helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.
WIF and Azure ACS Survival Guide Find resources that will help you to get up and running with Windows Identity Foundation (WIF) and Windows Azure AppFabric Access Control Service (ACS) v2.
Forefront TMG Access Design Guide Get guidance to help you plan for secure access to the web, and to internal corporate resources, after Forefront TMG has been installed. It guides you through the design process, and provides information that will help you make the access design choices that are appropriate for your business goals, and for your environment.
Security MVP of the Month: Rodrigo Immaginario Currently the Chief Information Officer at the Universitario Vila Velha in Brazil, Rodrigo Immaginario has worked in the computer science field since 1994, specializing in security solutions for Microsoft environments including those involving IPsec, Hyper-V, and DirectAccess. His certifications include Certified Information Systems Security Professional (CISSP) and Microsoft Certified Systems Engineer (MCSE) in Security. He has been a Microsoft Most Valuable Professional MVP since 2004.
How to Improve Security on the Edge with Windows Web Server 2008 and IIS Explore how Windows Web Server 2008 and Internet Information Services (IIS) 7.0 deliver a platform for developing and hosting websites, services and more that enables IT professionals to—with some minor configurations—help minimize the risks of maintaining a Web server directly on the Internet.
Internet Explorer 9 Blocker Toolkit Download The Internet Explorer 9 Blocker Toolkit enables IT administrators to disable the automatic delivery of Internet Explorer 9 as an important class update via Automatic Updates and the Windows Update and Microsoft Update sites.
Tech•Ed North America 2011: Security, Identity, Access & More Join us in Atlanta for Tech•Ed North America 2011, where you can take advantage of over 915 learning opportunities. Check out the Security, Identity and Access track, which provides guidance and technical detail on Microsoft Forefront products, identity-based access technologies, Windows security technologies, and more. Register by February 28, 2011 to save $200.
Programming Windows Identity Foundation Get practical, hands-on guidance to help you put Windows Identity Foundation—the claims-based programming model in Microsoft .NET—to work in your Web applications and services.
Course 6292A: Installing and Configuring Windows 7 Client This three-day instructor-led course is intended for IT professionals who are interested in expanding their knowledge base and technical skills about Windows 7 Client. In this course, students learn how to install, upgrade, and migrate to Windows 7 client. Students then configure Windows 7 client for network connectivity, security, maintenance, and mobile computing. This course helps students prepare for the Exam 70-680, TS: Windows 7, Configuring.
Course 50357A: Implementing Forefront Threat Management Gateway 2010 This two-day instructor-led course provides students with the knowledge and skills to envision, design, and deploy web access, remote access and mail protection solutions using Microsoft Forefront Threat Management Gateway 2010 (TMG), enabling them to identify the requirements and make the appropriate design decisions that will come up during the deployment process, and providing hands-on experience with the products.
This is a monthly newsletter for IT professionals and developers—bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.
To cancel your subscription to this newsletter, reply to this message with the word UNSUBSCRIBE in the Subject line. You can also unsubscribe at http://www.microsoft.com/info/unsubscribe.htm. You can manage all your Microsoft.com communication preferences at this site.