Are you an Information Technology (IT) Professional or developer looking for a resource to stay up to date with Microsoft security? If so, I strongly encourage you to check out our Microsoft Security Newsletter . This monthly newsletter delivered to your inbox in either HTML or Plain Text covers a wide...

One topic that I get asked about each time we release a new volume of the Microsoft Security Intelligence Report is malware infection rates for operating systems and service packs. We released new data late this year in volume 13 of the report (SIRv13). Accordingly, I am dedicating a couple of articles...

Just a few weeks ago I had the honor of presenting a keynote at the Cloud Security Alliance (CSA) Congress 2012 in Orlando, Florida. My talk focused on the cloud security themes and topics that have been top of mind for Chief Information Security Officers (CISOs) and other security professionals that...

This article in our series focused on Microsoft’s free security tools is on a tool called Windows Defender Offline . Windows Defender Offline is a standalone software application that is designed to help detect malicious and other potentially unwanted software, including rootkits that try to install...

For years I have heard talk in the industry that much of the counterfeit software available on the Internet was preloaded with malware. How much of the counterfeit software available is preloaded with malware? What type of malware is preloaded on these systems and what does it allow the attackers to...

This article in our series focused on Microsoft’s free security tools is on the Security Development Lifecycle (SDL) banned.h header file . This is an important tool for developers who are trying to minimize the number of security vulnerabilities that exist in the C or C++ code they write. It’s...

Today at RSA China , Jing de Jong-Chen (senior director, Trustworthy Computing) delivered a keynote outlining the next steps in Microsoft’s evolved security, privacy and reliability strategies for cloud and big data. Scott Charney’s Trustworthy Computing Next whitepaper highlights several...

This article in our series focused on Microsoft’s free security tools is on the Enhanced Mitigation Experience Toolkit (EMET). EMET is a very popular security tool among the CISOs and security professionals I talk to because it helps them manage security mitigations for applications running in...

In this second article in my series focused on Microsoft’s free security tools, I’d like to introduce you to the Attack Surface Analyzer version 1.0. Back in January of 2011 the Security Development Lifecycle team released a beta version of the Attack Surface Analyzer and today they announced...

Tools are designed to make IT Professionals’ and Developers’ lives easier. A good tool can save a lot of work and time for those people responsible for developing and managing software. I thought I’d write a series of articles dedicated to highlighting some of the most useful free security...