Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

Browse by Tags

Related Posts
  • Blog Post: Infrastructure Planning and Design Guide for Malware Response

    A new version of this guide went live – I think something, you should look at. There is a methodology and a process in detail: So, if you want to learn more: http://technet.microsoft.com/en-us/library/cc162838.aspx Roger
  • Blog Post: Security Intelligence Report v9 is online

    Usually I blog intensively on the release of the Security Intelligence Report. However, this time I am out of office and have just little time to give you insight. We spent a lot of work to make it more comprehensive and give you a more stable view over quite some time. So there is a great opportunity...
  • Blog Post: Microsoft Malware Protection Center on Facebook and Twitter

    I know, I have been fairly slow in blogging currently but I was fairly busy with a few cool projects (which I will disclose later) and – time flies if you are having fun Just a quick one: The MMPC on Facebook and Twitter The Microsoft Malware Protection Center (MMPC) officially launched its Facebook...
  • Blog Post: 10 Years of Trustworthy Computing at Microsoft

    Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this...
  • Blog Post: Microsoft Security Update Guide, Second Edition

    A while ago we released the Microsoft Security Update Guide to explain how we release security updates and how you should/could work with our updates. It encompasses these themes: Get to know the security update release process Learn how to evaluate risk See how to mitigate security risks Understand...
  • Blog Post: Cyber Security: The Road Ahead

    This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed...
  • Blog Post: Keep all your software updated and current

    I know that I keep going and going on that. When I talk to customers and mainly to providers of the critical infrastructure about security, one of the key things to me is to keep the software updated. It is about patching and it is about staying on the latest version of your software. To me, today Windows...
  • Blog Post: How to Detect a Hacker Attack

    This title immediately caught my attention and probably yours as well: How to detect a hacker attack – something I definitely want to know. And then I realized that the article a) is written from a techie and b) does not really cover the attacks I am worried of most. But I will address this toward the...
  • Blog Post: How to Deal With Vulnerabilities

    This is always a fairly emotional theme. What is better to protect the ecosystem? Public or private disclosure? Should somebody paying for vulnerabilities or not? Is a vulnerability auction ethical or not? I know that there are numerous views on that and I do not want to debate them here and now. What...