Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

Browse by Tags

  • Blog Post: Trustworthy Computing: Learning About Threats for Over 10 Years - Part 3

    In the first two parts of this series ( part 1 , part 2 ) I explored some of the ways that the threat landscape has evolved over the past decade and introduced a new special edition Microsoft Security Intelligence Report (SIR) called “ The evolution of malware and the threat landscape – a...
  • Blog Post: New Security Tools for IIS and SQL

    In cast you didn't see it, the Microsoft Security Response Center (MSRC) team just announced the release of three tools to help customers fend off SQL injection attacks: UrlScan 3.0 Beta ( see Wade Hilmo's blog for more ), a security tool that restricts the types of HTTP requests that Internet Information...
  • Blog Post: Visit the New SDL (Security Development Lifecycle) Web Site

    I wanted to mention to folks that a new Security Development Lifecycle (SDL) web site went up earlier this month on microsoft.com. Amazingly, you can navigate to it via http://www.microsoft.com/sdl , instead of some long name you'd never remember. Of course, once you navigate to that URL, you get redirected...
  • Blog Post: Brian Krebs Blog on ‘at Risk’ Chart Methodology

    I am a couple of articles into my series: Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? , and Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? (Part 2) In part 2, I probed Mozilla’s usage of an ‘at risk’ chart to claim that their customers...