I just finished delivering at webcast on Security Risk management. As promissed here is the Q&A log, not very many questions on this Friday afternoon.
Question: Kai says "GO GET THIS GUIDE: Security Risk Management Guide v 1.2"
Question: Where is a god place to start learning about Security and Microsoft Products?
Answer: Here is the base Microsoft Security Site on the web.... --- http://www.microsoft.com/security/default.mspx
Question: I have heard there is a tool that I can use to scan local and remote machines in my domain for missing security updates, hot fixes and patches. What’s is that tool?
Answer: That tool is the Microsoft Baseline Security Analyzer. You can read more about it and download it here ---- http://www.microsoft.com/technet/security/tools/mbsahome.mspx
Question: I have also heard that Microsoft has a FREE, server based patch management system. Where can I find information about that?
Answer: That is WSUS - Windows Server Update Services -- You can read about and download here ----- http://www.microsoft.com/windowsserversystem/updateservices/default.mspx
Question: Another great tool....the MS Security Assessment Tool.....text based tool for starting a risk assessment...great for business gurus!
Question: Are there any security resources specifically for ITPros?
Answer: Yes! Check out the Technet Security Center --- http://www.microsoft.com/technet/Security/default.mspx
Question: What about for developers?
Answer: Yes again! For developers, check out the MSDN Security Center --- http://msdn.microsoft.com/security/