Security Minded - from Kai the Security Guy

Some thoughts on security (and other stuff) from a Microsoft security professional

Browse by Tags

Related Posts
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part VII) - Moving Data Out of Your Organization

    Well, if you've been following along...we talked about who the insiders are and the metrics behind economic espionage. We've discussed why they do it and how they get the data. But I know this probably hasn't been very technical for most of you. Today that is going to change. Today we're going to talk...
  • Blog Post: The End to End Trust Vision: Microsoft's Framing of the Discussion and Call for Dialog Around Security

    You've been sitting around asking yourself, " Okay okay...I heard Bill Gates announce the whole 'trustworthy computing' concept back in 2002... What's next Microsoft? How do we solve the future security problems as an industry?" As you know, the Internet has transformed the way many of us live today...
  • Blog Post: Partner Love

    Today I'm in Denver speaking at the 2007 Microsoft Worldwide Partner Conference. The topic? A little thing I put together entitled "Bad Things Do Happen to Good People: Adding a Security Offering to your Partner Business". Here's the jist of the session: Trusted Advisor - Being a security professional...
  • Blog Post: Busy Busy Buenos Aires

    Hello Microsoft Argentina! I arrived in country at about Noon and had a meeting at 1:00 PM. I'm here working with Pablo Anslemo and his security team. Pable only has me for 1.5 days, so he's doing a great job in getting me in front of as many customers as possible. I met with the Buenos Aires CSO Council...
  • Blog Post: Why We (and you) Will Miss BillG

    This week marks the last week of work in the IT field for visionary and founder, Bill Gates. I’m sure many of you are reading stories all over the Internet about Bill, I thought I’d share a story about Bill as well. I joined Microsoft because I was a huge fan of their products, even back to when I was...
  • Blog Post: Why Windows Vista is Better than Your O/S

    Today is a big day for Microsoft's Trustworthy Computing team! It's the release of the Windows Vista One Year Vulnerability Report composed by my good friend and teammate, Jeff Jones . First let me just put to rest any kind " of course it's favorable...it's written by Microsoft " kinda stuff that I know...
  • Blog Post: The Security Show: Episode Two – Stopping James Bond (Part II)

    In this part, we get some good advice from the FBI on how to have that talk with your executives who like to travel out of the country and don’t really understand the risk that they assume when they carry that laptop, cell phone, or other electronic device with them. Good stuff!
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part V)

    I've done a lot of work in the past few weeks trying to get you to truly understand the person we've dubbed "The Insider". We've discussed who they are, and why they do what they do. Today I'm going to be looking at exactly what it is these insiders are trying to take. What are the targets? Intellectual...
  • Blog Post: It's Official: Windows Vista SP1 (Beta) News

    (Info taken directly from the Windows Vista Team Site . I've saved you a click. Introducing Windows Vista Service Pack 1 In addition to regular Windows Vista updates, application compatibility improvements, and device driver improvements, Windows Vista Service Pack 1 (SP1) is another way Microsoft will...
  • Blog Post: Hyper-V Security Guide goes Beta

    Well, I told everyone last year on my Virtualization Security Tour that this thing was coming out soon! Well, we released a Beta of the document on our Beta site , which you should join if you haven’t already. One of my jobs is to help do technical review of documents/slides internally for our Security...
  • Blog Post: Terribly Remiss in My Forensics Discussions

    I want to take a moment to correct an oversight I made earlier while discussing Windows forensics resources. That error was the failure to mention one of the foremost experts in the field: Harlan Carvey . Harlan's books have provided me a wealth of information in the field of digital forensics. In addition...
  • Blog Post: This is laughable.

    Okay, I don't apparently need to hunt for any security topic. They just find me. There is one company (and CEO) that just continue to amaze with their statements. Does anyone take this guy seriously? Yes, it's Symantec again. Today at the CeBIT conference in Hanover, Germany, their CEO, John Thompson...
  • Blog Post: Not your Mama's Webcasts: Kai does the Defense in Depth Webcast Series

    Hopefully you were able to join me for a terrific two weeks of webcasts!! In 8 sessions we covered every layer of the security model known as "defense in depth". For those of you who missed out on the great fun we had, here's a way to go and check out the recordings. I did the best that I could to ensure...
  • Blog Post: Forensic Resources...and Travel

    I just wanted to post quickly the resources from our SEC312: Implementing the Fundamental Computer Investigation Guide for Windows from Tech-Ed 2007. Those of you who attended.....THANK YOU! I know a lot of speakers don't listen, heed, or are truly grateful for the feedback you submit...but I truly am...
  • Blog Post: Teacher Appreciation Day - October 5th 2007

    Friday is Teacher Appreciation Day . I'm not usually one for things like this....but let me tell you this is something I can cheer about! Think about it, someone, somewhere along the line took the time to teach you something you know now. While you figured that you'd never use it again (hello algebra...
  • Blog Post: Hello Baby!

    Frantic in Dallas I’m back…after a long absence. The last 3 months or so have been crazy in my life. After my trip to London and Edinburgh in mid-September, I returned home patiently awaiting the delivery of our son in late-October. We went to the doctor on Monday, September 29th and the sonogram looked...
  • Blog Post: ALERT: $250,000 Reward

    REDMOND, Wash. — Feb. 12, 2009 — Today, Microsoft Corp. announced a partnership with technology industry leaders and academia to implement a coordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, Internet Corporation for Assigned Names and Numbers (ICANN...
  • Blog Post: TechNet Radio: Physical Security at Microsoft

    This is a pretty interesting podcast that I had the privilege to conduct a few weeks ago. I had the chance to go see Microsoft's Security Operations Center (SOC) and talk to Johnny Walker, CPP (Certified Protection Professional), the guy who leads the team that helps protect our physical assets. As you...
  • Blog Post: Rumors of my demise are greatly exaggerated...

    Well, I know it's been awhile....but I'm back. Several of you were kind enough to send me gentle reminders that I have been neglecting my blog, and were worried that I may indeed have dropped off the face of the Earth. Not so. Where Have You Been, Kai? In a nutshell......traveling like you would never...
  • Blog Post: Part Three of Four as We Chat About Physical Security

    UPDATE : I got your emails about there being a problem with this Silverlight video (thanks Doug!), so I re-rendered and have re-posted the video. Nothing stinks worse than having the movie go out in mid-series! OH YES! I actually had the privilege yesterday of getting an hour long Capabilities Tour of...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part IX) - Oldies, but Goodies

    Well....I received an absolutely unexpected and pleasure of an email from one of the excellent speakers over at the The Centre for Counterintelligence and Security Studies about my blog posts! I'm not sure they were reading or simply scanning for references to their website, but hey...I'm not picky!...
  • Blog Post: A New Life of 150 inches: How Long 'til Keith Combs Has One?

    A good buddy of mine and fellow Texan runs this little 'ol blog, which is one of the Top 5 blogs hosted on TechNet. His name is Keith Combs and he, like his blahg , is a pretty amazing technical guru. When it came time to research the laptop I'm carrying now, I searched out Mr. Combs and asked him for...
  • Blog Post: Books of the Month Club....I read a lot

    When I'm sitting on a plane and they tell me to "turn off anything with an on/off power button"...it hurts. So then I pull out a book and read. As much as I fly, I read a lot. Often I'm catching up on one the many, many trade magazines to which I subscribe ( CSO Magazine , Security Management...
  • Blog Post: The Security Show: Episode 3 “Gates, Guards and Guns”

    More of my sitdown with Johnny Walker who helps run our Microsoft Global Security Operations Center. When we talk about physical security, as IT Pros, we’re typically talking about securing the datacenters and the boxes themselves. Johnny also has to consider things like Loss Prevention, Executive Protection...
  • Blog Post: Happy and Secure New Year!

    I have returned! As many of you are aware, I travel extensively for my job and I was literally on the road for almost 10 straight weeks the latter part of 2007. Los Angeles. New York. Buenos Aires (x2). London. Redmond. Mexico City. Washington D.C. Toronto. I was more than excited to get to my vacation...