Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
This article in our series focused on Microsoft’s free security tools is on the Security Development Lifecycle (SDL) Threat Modeling Tool.
For a quick backgrounder on threat modeling, let me recommend an article that my colleague, Michael Howard, recently published on threat modeling.
This article in our series focused on Microsoft’s free security tools is on the Enhanced Mitigation Experience Toolkit (EMET). EMET is a very popular security tool among the CISOs and security professionals I talk to because it helps them manage security mitigations for applications running in their environments. Security mitigations like Address space layout randomization (ASLR) and Data Execution Prevention (DEP) can help make vulnerabilities very hard or even impossible to exploit reliably.
This article in our series focused on Microsoft’s free security tools is on a tool called BinScope Binary Analyzer. This tool can be helpful for both developers and IT professionals that are auditing the security of applications that they are developing or deploying/managing.
In this second article in my series focused on Microsoft’s free security tools, I’d like to introduce you to the Attack Surface Analyzer version 1.0. Back in January of 2011 the Security Development Lifecycle team released a beta version of the Attack Surface Analyzer and today they announced the release of version 1.0.
This article in our series focused on Microsoft’s free security tools is on the Security Development Lifecycle (SDL) banned.h header file. This is an important tool for developers who are trying to minimize the number of security vulnerabilities that exist in the C or C++ code they write. It’s also important for IT Professionals to know about this tool as they can ask the ISVs and developers of the applications they deploy and operate in their environments whether they were developed using banned.h.
This week we launched a new Windows Phone application that is designed to provide our readers with an easy way to access Trustworthy Computing blogs through their Windows Phone devices. Our Trustworthy Computing Blogs provide customers with the latest insights from our security, privacy and reliability experts, information on mitigation tools, secure development, security updates, tips and tricks and much more. The application is available today in the Windows Phone marketplace and I encourage you to download it and share your feedback.
Over the past few years we have seen growing interest from our readers on the topic of Cybersecurity related to the public sector and critical infrastructure. At Microsoft one of the teams focused on providing cybersecurity consulting services to our customers is the Microsoft Consulting Services (MCS) Cybersecurity team, led by its General Manager Pat Arnold.
Today at RSA China, Jing de Jong-Chen (senior director, Trustworthy Computing) delivered a keynote outlining the next steps in Microsoft’s evolved security, privacy and reliability strategies for cloud and big data. Scott Charney’s Trustworthy Computing Next whitepaper highlights several interesting computing trends right now: