I'm a firm believer in making the most of what you have. If you've ever seen me speak you'll be familiar with my message that Windows includes a comprehensive range of security features and functions that quite often can be used out of the box to effectively mitigate the risks associated with our ever changing business environments. We run a series of webcasts every month which look at a wide range of issues and providing best practise guidance to help you solve them.
Security Webcasts are a convenient way for IT Professionals and Developers to stay technically updated on the latest Microsoft Security Guidance. These webcasts concentrate on security information and are presented by senior executives and other subject matter experts. They feature interactive technical presentations, product demonstrations, and question-and-answer sessions.
Microsoft Security Webcast Series: Upcoming & On-Demand
For IT Executives
For IT Professionals
Security Webcast Calendar
NEW: Now you can register for an on-demand webcast and choose how you would like to view the archive (for webcasts that took place December 1, 2004 or later). Register to view an on-demand webcast and download a .wmv of the webcast immediately. By registering, you will also receive a confirmation email the following day with a link to the PPT download.
Additional Webcast Resources
Digital Blackbelt Series: Defend your code from attacks
May 20 and May 27; on-demand webcasts available now
How would your code stand up to an attack? If you are not sure, join us for the Digital Blackbelt webcast series as Developer Community Champion Joe Stagner discusses security risks, vulnerabilities, and solutions from the software developer's perspective. We will provide real-life examples and security tips and tricks that can help you gain the knowledge and techniques to become an experienced “blackbelt” in writing secure code.
ISA Server 2004: Maximize application security and performance
Live and on-demand webcasts available nowWhether you plan to upgrade to Internet Security and Acceleration (ISA) Server 2004 or want to learn how to get the most from your current ISA deployment, this series of technical webcasts illustrates how ISA 2004 can help you maintain a secure and performance-driven network. Covering everything from technical overviews and usage scenarios to deployment and troubleshooting, our experts explain how to use ISA Server 2004 to improve network security without sacrificing performance. You'll also learn more about partner solutions designed to extend the capabilities of ISA Server in areas such as anti-virus and content filtering.
Web Development: Increase the security of your applications
May 24; on-demand webcasts available now
Increasing the security of your software is not the result of a single event. From design through development, to testing and deployment, a multi-disciplinary approach must be taken to deliver a quality software product that minimizes organizational risk. Join Dennis Hurst, Senior Consulting Engineer at SPI Dynamics, and other guest speakers as they detail knowledge that can help developers increase security around the coding of web applications.
Live webcasts third Tuesday of every month; on-demand webcasts available now
Learn best practices to guide your security strategy during this monthly webcast series. Each webcast focuses on a specific security topic and includes commentary from industry experts outside of Microsoft.
Security Webcast Calendar
Security webcasts listed in an easy-to-use calendar format.
BONUS: Attend any live webcast through June and you could win a Portable Media Center. See official rules for more details.
Additional Live & On-Demand Webcast Series Available NOW:
§ Ask the Security Experts
§ Microsoft Windows XP Service Pack 2
Microsoft Executive Circle Webcast: What Do Office 2003, Information Security, and Regulatory Compliance Have in Common
Thursday, June 16, 2005 - 9:00 AM - 9:30 AM Pacific Time
Jason C. Hayek, President and Co-Founder, Triad Information Security Services, LLC
Organizations are constantly looking for better ways to secure Web content, documents, and e-mail; whether it's to protect sensitive and confidential information, or to comply with government regulations. Information security, data protection, governance, and regulatory compliance must work hand-in-hand in today's fast-paced, competitive, and regulated markets. In this webcast, Triad Information Security Services will highlight how Microsoft Office 2003 and Microsoft Windows Rights Management Services (RMS) equip organizations with solutions that aid regulatory compliance efforts. See how implementing these technologies will help create an additional layer in your organization's overall defense-in depth and data protection strategies.
Microsoft Executive Circle Webcast: Security360: Understanding the Business Value of Security (Level 100)
Tuesday, June 21, 2005 - 9:00 AM - 10:00 AM Pacific Time
Mike Nash, Corporate Vice President Security Business & Technology Unit, Microsoft Corporation
In this month's Security360 webcast, host Mike Nash, security executive at Microsoft, explores the business rationale for security investments. Receive guidance from industry and Microsoft experts on the role security plays in furthering business objectives and achieving operational excellence. This webcast provides you with the information you need to make effective security decisions and plan for the future. As with every Security360, this webcast includes a checklist of recommendations and resources, as well as a Q&A with industry experts.
TechNet Webcast: Threat Mitigation for Windows 98 and Windows NT 4.0 (Part 3 of 3): Mitigating Threats for Windows 98 and Migrating Legacy Systems (Level 200)
Wednesday, June 01, 2005 - 11:00 AM - 12:00 PM Pacific Time
Harold Wong, TechNet Presenter, Microsoft
While migration to a newer platform is recommended, many customers have key business applications that will only run on legacy operating systems. In the final part of this series, we provide an analysis of the challenges of securing Microsoft Windows 98 systems against the challenges of today's attack-ridden network environment. We provide you with guidance on how to increase security when upgrading to newer operating systems.
TechNet Webcast: Understanding and Fighting Malware: Viruses, Spyware and Rootkits (Level 300)
Tuesday, June 07, 2005 - 2:00 PM - 3:00 PM Pacific Time
Mark Russinovich, Chief Software Architect and Co-founder, Winternals Software, LP
Today's Internet is fraught with peril in the form of undesirable and malicious software. These types of software continue to evolve new ways of propogating and ways of embedding themselves more deeply into the systems they infect. Join us for this webcast, presented from Tech·Ed 2005 in Orlando, Florida, and gain an understanding of their propagation methods, including buffer overflow exploits, how to detect them and how to prevent them. Get a first-hand look at rootkits, which are the sophisticated tools and techniques by which malware attempts to avoid and prevent detection.
TechNet Webcast: Tips and Tricks to Running Windows with Least Privilege (Level 300)
Wednesday, June 08, 2005 - 8:00 AM - 9:00 AM Pacific Time
Aaron Margosis, Senior Consultant, Microsoft Corporation
The security principle of "least privilege" is well understood: Software should run with the smallest set of privileges needed to perform its tasks. However, Windows users who are allowed to administer their own machines usually run with Administrator privileges all the time. Email, Web browsing, and instant messaging do not require administrative privileges, and are common avenues for malicious code to attack end users' systems. It is far safer to log on with a Limited (or "Least-privileged") User account, and use elevated privileges only for specific tasks that require them. Unfortunately, Windows does not yet make this as straightforward as it needs to be. In this webcast, presented from Tech·Ed 2005 in Orlando, Florida, we show you simple ways to get around the inconveniences and make living as a Limited User as easy as possible.
TechNet Webcast: Security Policies? Ugh, Just Give Me a Firewall (Level 300)
Steve Riley, Senior Program Manager, Security Business and Technology Unit, Microsoft Corporation
Start | Programs | Firewall | Rules | Add rule | Permit all hosts destination port 4695/tcp. Um, why did you just do that? Was there a business justification for creating that hole, and was the decision backed up by your security policy? You do have an up-to-date, regularly reviewed policy, right? Surprisingly (or not), security policies in many organizations are hidden, reflect the thinking of ten years ago, or simply don't exist. All security decisions should be based on business needs and guided by relevant, timely, and flexible policies. To learn more, attend this webcast presented from Tech·Ed 2005 in Orlando, Florida, where Steve Riley helps you understand why it's important to have a security policy, how to encourage end-user participation, and provides suggestions on what makes up a good policy.
TechNet Webcast: Security Configuration Wizard in Windows Server 2003 Service Pack 1 (Level 300)
Wednesday, June 08, 2005 - 2:30 PM - 3:30 PM Pacific Time
Jesper Johansson, Security Program Manager, Microsoft Corporation
Inside the Security Configuration Wizard in Windows Server 2003 Service Pack 1, Microsoft shipped the first new security policy tool in six years. This interesting new wizard can help you author, tailor and apply policy. As with any security policy tool it can also completely disable your network. To learn more, attend this webcast presented from Tech·Ed 2005 in Orlando, Florida, where Jesper Johansson, program manager for security policy discusses the internals of the security configuration wizard and how to make use of it. We cover how it relates to other security policy tools and resources, such as the Security Configuration Editor, Group Policy, and the Security Guides. We also discuss the idea of role-based security policy and how you can best leverage it to protect your Windows network.
TechNet Webcast: Security Risk Management (Level 300)
Monday, June 013, 2005 - 9:00 AM - 10:30 AM Pacific Time
Kevin Remde, TechNet Presenter, Microsoft
When establishing security for your network, you must take risk assessment, cost-benefit analysis, and implementation of security countermeasures into consideration. The Security Risk Management Guide, designed by Microsoft, can help your organization establish the ongoing process of security risk management. This 90-minute webcast presents a qualitative approach to risk management, incorporating best practices from the industry as well as those learned and formulated by the Microsoft internal IT Group.
TechNet Webcast: How Microsoft IT Utilizes Governance (Level 300)
Tuesday, June 014, 2005 - 9:00 AM - 10:00 AM Pacific Time
Pete Boden, Microsoft IT Director Information Security, Microsoft
Governance is a critical element of effective information security programs. It can occur at multiple levels on focused tasks or initiatives, or it can be more broadly applied as part of an enterprise security strategy. In this webcast, Microsoft security director Pete Boden discusses approaches to information security governance. He will show how shared goals, metrics and visibility across business units improves linkage to the business, demonstrates business value, and ensures focus on the right priorities.
TechNet Webcast: Network Isolation Using Group Policy and IPSec (Part 1 of 3): Overview of Internet Protocol Security (Level 300)
Wednesday, June 15, 2005 - 9:30 AM - 10:30 AM Pacific Time
John Baker, TechNet Presenter, Microsoft
Data Isolation: How can it make your IT infrastructure safer, and how do you use Group Policies and Internet Protocol security (IPsec) to implement it? This three-part series presents the information and steps needed to implement data isolation using group policies and IPsec within an organization. Part one provides an overview of the nature of Internet Protocol security. Learn how IPsec can help manage the challenges to secure network communication, and the various ways you can implement IPsec to achieve different types of secure communication. Part two continues the discussion with a look at how to use IPsec to create network isolation zones.
TechNet Webcast: Information About Microsoft's June Security Bulletins (Level 100)
Wednesday, June 15, 2005 - 11:00 AM - 12:00 PM Pacific Time
Christopher Budd, CISM, CISSP/Security Program Manager, Microsoft Corporation
Debby Fry Wilson, Director/Security Response Marketing, Microsoft Corporation
On June 014th, Microsoft will release its monthly security bulletins. Join us for a brief overview of the technical details of the June security bulletins followed by an extensive Q&A session. This webcast will focus on addressing your questions and concerns about the security bulletins. Therefore, the majority of the webcast session will give you the opportunity to ask questions and get answers from our security experts.
TechNet Webcast: Identity and Access Management (Level 200)
Friday, June 17, 2005 - 11:00 AM - 12:30 PM Pacific Time
Shawn Travers, TechNet Presenter, Microsoft
Learn how you can use identity management solutions to create and manage user account information efficiently and securely across multiple systems within an enterprise. This webcast shows how identity information can be shared and synchronized, even when it is distributed across several different locations. Understand how access management solutions can help to ensure that user accounts are granted the appropriate access to resources across different systems in an enterprise network.
TechNet Webcast: Assessing Network Security (Part 1 of 2): Planning and Research (Level 200)
Monday, June 20, 2005 - 9:00 AM - 10:00 AM Pacific Time
Kai Axford, Security Specialist, Microsoft
How do you know whether your network is secure and how can you find out? This two-part series is designed to help organizations identify vulnerabilities to network attacks by planning and implementing processes. This first webcast shows how to plan your security assessment and how to gather information in a way that ensures the methods and results fit your organization's needs. This webcast specifically outlines the details and processes for gathering network security information about your organization. Part two then shows how to put the information you gathered to work using penetration testing to identify network vulnerabilities.
TechNet Webcast: Network Isolation Using Group Policy and IPSec (Part 2 of 3): Understanding Network Isolation Using IPSec (Level 300)
Wednesday, June 22, 2005 - 9:00 AM - 10:00 AM Pacific Time
Chris Henley, TechNet Presenter, Microsoft
Building on the overview of IPsec in part one, this webcast shows how to use IPsec to create network isolation zones. Topics include the advantages and limitations of network isolation, where network isolation fits into a defense-in-depth scheme, and how to use group policies and Active Directory groups to restrict access to specific servers. Part three offers guidance on how best to apply these concepts within the context of several network isolation scenarios.
TechNet Webcast: Defense-in-Depth Against Malicious Software (Level 200)
Wednesday, June 22, 2005 - 11:00 AM - 12:30 PM Pacific Time
Bryan Von Axelson, TechNet Presenter, Microsoft
Malicious software has become increasingly advanced; worms and viruses can propagate more quickly and evade detection more effectively than ever before. This webcast describes how a defense-in-depth approach to antivirus solution design can help protect various components of a computing infrastructure, including client computers, servers and networking devices, from malicious software attacks. This webcast will show how to implement an effective outbreak control and recovery plan. Learn to identify, contain and remedy the effects of malicious software.
TechNet Webcast: Implementing Exchange Server Security (Level 200)
Friday, June 24, 2005 - 11:00 AM - 12:30 PM Pacific Time
Michael Murphy, TechNet Presenter, Microsoft
Learn how to deploy a secure Microsoft Exchange Server 2003 infrastructure and ensure that client connections to Exchange 2003 are as secure as possible. In this webcast you will learn how to increase the security of e-mail that flows through an organization's Exchange servers, and how to configure Exchange Server 2003 to reduce the amount of unwanted e-mail.
TechNet Webcast: Assessing Network Security (Part 2 of 2): Penetration Testing (Level 200)
Monday, June 27, 2005 - 9:00 AM - 10:00 AM Pacific Time
Building upon the planning and research techniques presented in part one, this webcast shows how to implement penetration testing for intrusive network attacks, and also presents checklists that can help identify and remediate common issues. The webcast shows tools and processes you can use to scan systems for vulnerabilities, and concludes with a case study that incorporates all of these factors and puts them to work at a typical commercial enterprise scenario.
TechNet Webcast: Security Myths (Level 200)
Tuesday, June 28, 2005 - 11:00 AM - 12:30 PM Pacific Time
Steve Riley, Senior Program Manager, Security Business and Technology Unit, Microsoft
Jesper Johansson, Security Program Manager, Microsoft
Do you know whether the things you are doing to increase security is actually improving security? Are you sure that your security efforts map to any realistic threats - threats that you have decided to mitigate as part of your overall risk management strategy? In this webcast, we cover the top ten things that security professionals do that don't have any real impact on security. In some cases, these steps actually have exactly the opposite effect, as they compromise confidentiality, integrity, and/or availability instead.
TechNet Webcast: Network Isolation Using Group Policy and IPSec (Part 3 of 3): Advanced Network Isolation Scenarios (Level 300)
Wednesday, June 29, 2005 - 9:00 AM - 10:00 AM Pacific Time
Keith Combs, TechNet Presenter, Microsoft
Applying the concepts described in part one and two; this webcast describes several scenarios where you can enhance network security by using IPsec to create network isolation zones. This scenario-focused view of Group Policies and IPsec is based on Microsoft's prescriptive guidance.
TechNet Webcast: Threat Mitigation for Windows 98 and Windows NT 4.0 (Level 200)
Wednesday, June 29, 2005 - 11:00 AM - 12:30 PM Pacific Time
While migration to a newer platform is recommended, many customers have key business applications that will only run on legacy operating systems. This webcast offers prescriptive information and test plans for hardening existing Microsoft Windows clients and servers, with the goal of reducing the security risk factors for Microsoft Windows NT and Microsoft Windows 98 systems as much as possible. The discussion also provides guidance on how to upgrade securely to newer operating systems.
TechNet Webcast: Inside the Microsoft Security Response Center (Level 100)
Thursday, June 30, 2005 - 9:00 AM - 10:00 AM Pacific Time
Stephen Toulouse, Security Program Manager, Microsoft Corporation
Mike Reavey, Lead Security Program Manager, Microsoft Corporation
Did you know that Microsoft has a 24/7 team that is dedicated to helping you deal with your security threats? The Microsoft Security Response Center (MSRC) is a world-class resource for managing and resolving security vulnerabilities and incidents. The MSRC analyzes, develops and delivers security updates, tools and prescriptive guidance to help customers minimize security risks. This webcast covers the Microsoft security response process for releasing security bulletins and handling security incidents, and discuses the role the MSRC plays in that process. There will also be advice, free resources and free tools available for customers to help protect their environments.
MSDN Webcast: Implementing Security in the Development Lifecycle (Level 200)
Friday, June 03, 2005 - 9:00 AM - 10:30 AM Pacific Time
Joe Stagner, Developer Community Champion, Microsoft
Security should be your primary concern throughout the development process. Microsoft has created the Security Development Lifecycle, a set of guidelines describing how and when to implement security best practices by adding specific and well-defined checkpoints to each stage of the typical development lifecycle. This session outlines recommended changes you can apply to the design, development, testing, verification and release phases that can significantly reduce the number and severity of security vulnerabilities shipped to customers.
MSDN Webcast: Securing Web Service Communications with WSE 2.0
Monday, June 06, 2005 - 9:00 AM - 10:00 AM Pacific Time
Geoff Snowman, Developer Community Champion, Microsoft Corporation
One of the ways Web Services Enhancements (WSE) helps to build scalable, distributed applications is by providing an efficient and scalable mechanism to secure Web services. WSE uses the mechanisms defined in the Web Services Security specification to place security credentials in the SOAP message itself. In this webcast we will review techniques for securing a Web service using WSE 2.0, including signing and encrypting SOAP messages, adding security credentials to a SOAP message and creating a custom security token.
MSDN Webcast: Practical Security for Intranet Solutions (Level 200)
Monday, June 13, 2005 - 11:00 AM - 12:30 PM Pacific Time
Internal Web and Microsoft Windows-based applications often require integration with existing applications and systems, access to databases, strong authorization and authentication mechanisms, and identity management. This webcast discusses strategies for incorporating security best practices into intranet solution development. We will provide practical guidance on how to implement security enhancements throughout intranet solutions and introduce future security improvements available to developers through Microsoft Visual Studio .NET 2005 and Microsoft ASP.NET 2.0.
MSDN Webcast: Practical Security for Internet and Extranet Solutions (Level 200)
Friday, June 17, 2005 - 9:00 AM - 10:30 AM Pacific Time
Are you looking for comprehensive guidance on how to implement security best practices for Internet and extranet solution development? Externally facing (extranet) Web applications designed to facilitate partner collaboration, customer services and e-business are exposed to increased threat of attack and require a holistic approach to security. In our examination of security concerns specific to Internet applications, we provide guidance on accessing data across security boundaries, implementing strong authorization and authentication schemes, and integration with public Web services. This webcast also covers privacy concerns that can arise when dealing with personal information.
MSDN Webcast: Implementing Security for Mobile Device Solutions (Level 200)
Monday, June 20, 2005 - 11:00 AM - 12:30 PM Pacific Time
Are you dealing with security issues and concerns with your Microsoft Windows Mobile-based solutions? This webcast will describe the various the security considerations for building mobile software solutions and the tools, technologies and strategies available to the mobile developer. Both traditional applications accessed through mobile devices and solutions designed specifically for mobile use can be affected. You will learn how to use the security features of the Microsoft .NET Compact Framework in conjunction with Microsoft Windows Mobile-based PocketPC and Smartphone capabilities to provide more secure file storage and data access. During this 90-minute webcast we will also cover how to protect mobile device communications with your application servers.
MSDN Webcast: Using ClickOnce to Deploy an Application with Elevated Security Requirements (Level 300)
Joe Stagner, MSDN Developer Community Champion, Microsoft Corporation
One of the key advantages to building a rich smart client application is the ability to perform activities on the user's workstation that require higher privileges than a simple Web application can be granted. During this webcast, learn how to use the security features of ClickOnce to check for the specific permissions your code needs to accomplish its tasks. We also discuss best practices for handling situations where the required permissions are not available.
MSDN Architecture Webcast: patterns & practices Live! Adopting patterns & practices Security Engineering Practices (Level 300)
Thursday, June 23, 2005 - 11:00 AM - 12:00 PM Pacific Time
Ron Jacobs, Program Manager, Microsoft
Securing organizational information and data systems is critical, and failure to secure information can have a severe impact on business. Learn a repeatable approach to security engineering that the Microsoft patterns & practices group uses to meet security objectives. This webcast examines the lessons and insights gained from adopting the approach in an organization that previously did not have a systematic security approach.
MSDN Webcast: Advanced Application Development with Windows XP Service Pack 2 (Level 400)
Friday, June 24, 2005 - 9:00 AM - 10:30 AM Pacific Time
Rob Jackson, Developer Community Champion, Microsoft
With Microsoft Windows XP Service Pack 2 (SP2), Microsoft introduced a set of security technologies that will help improve the ability of Windows XP-based computers to withstand malicious attacks from viruses and worms. To developers, these technologies have an impact on the applications they create and the tools they use. SP2 restricts how remote procedure calls are made across a network, which may affect the operation of enterprise applications. This session examines these interface restrictions and provides you with advanced application development techniques for SP2, including ways to reduce RPC-based incompatibilities.
MSDN Webcast: Running SQL Server on Windows XP Service Pack 2 (Level 200)
Monday, June 27, 2005 - 11:00 AM - 12:30 PM Pacific Time
Mike Benkovich, Developer Community Champion, Microsoft
Recent versions of Microsoft SQL Server and Microsoft SQL Server 2000 Desktop Engine (MSDE) may encounter issues when running on Microsoft Windows XP Service Pack (SP2). In this webcast, we will examine in depth how Windows XP SP2 affects SQL Server, MSDE, Reporting Services and Analysis Services. We will also offer guidance on how to enable specific network protocols using Windows Firewall.
§ ALL Upcoming Webcasts
§ ALL On-Demand Webcasts
§ Microsoft Business Solutions Webcasts
§ Microsoft Executive Circle Webcasts
§ Microsoft Office System Webcasts
§ Microsoft Small Business Webcasts
§ MSDN Webcasts
§ MSDN Architecture Webcasts
§ Security Webcasts
§ TechNet Webcasts