It’s getting busy around here with people preparing for the CanSecWest security conference (http://cansecwest.com/). Many of the Microsoft Security Engineering Center (MSEC) and Microsoft Security Response Center (MSRC) members that regularly post to this blog will be attending CanSecWest and soaking up the 3 days of presentations & networking.

If you haven’t heard us talk about the Security Science angle of MSEC before, let me explain. The Security Science team is a group of security experts who do applied security research to solve difficult, leading-edge problems in an effort to increase customer security. They do research into new ways of finding vulnerabilities, develop innovative exploit mitigation techniques, and provide tracking and early warning of exploitation events. The team is literally in the same hallways as the MSRC, so the type of problems they tackle spring directly from current vulnerability cases and exploits. After they successfully crack a problem the tools and methods that result are reviewed for inclusion into the Security Development Lifecycle (SDL). This is one of the ways we move the SDL forward and keep it current.

The Security Science team aims to find ways to do security smarter and then enable others to leverage that work. So we’ve submitted a few talks to CanSecWest that will highlight the work that MSEC does:

  1. The Evolution of Microsoft's Exploit Mitigations [Tim Burrell, Matt Miller]. This is a view into the exploit mitigations work the Security Science team does. It’ll show what we’ve done, why we’ve done it and how we systematically think about mitigations coverage. We’ll also reveal a mitigation enhancement that will be in a beta release soon.
  2. Automated Real-time and Post Mortem Security Crash Analysis and Categorization [Jason Shirk, Dave Weinstein]. We know developers can’t all be security experts and properly triage exploitability conditions, so the difficulty is to get tools to reliably diagnose issues for security impact without a security expert present. This presentation will demonstrate a tool we use internally, and will soon be sharing with the security researcher & developer communities.

Final time slots haven’t been assigned yet, so check back at the CanSecWest site.

Matt Miller is also queuing up to do a Lightning Talk on High Signal to Noise Vulnerability Detection, so watch for us there as well.

New Blog URL

As we announced in a previous blog post, we have expanded the focus of this blog to include Security Science work.  To eliminate confusion and better align with the actual blog title, we updated the url to better reflect this change.  The blog url is now http://blogs.technet.com/srd/

For those who have this bookmarked or are receiving RSS feeds, this will be seamless for you as the old url/feeds redirect to the new ones.  Nevertheless we wanted to provide you with a heads-up. 

See you in Vancouver!

Matt Thomlinson

Senior Director, TwC Security

Share this post :

*Posting is provided "AS IS" with no warranties, and confers no rights.*