Cyril Voisin (aka Voy) on security

Security is not important. Well... as long as your level of security is high enough!

Browse by Tags

Related Posts
  • Blog Post: Security Series #4: The Threat Landscape - Targeted Attacks explained- Top 3 Mitigations - Top 5 aspects of incident preparation

    Targeted attacks are an evolution of espionage to target a specific organization in order to steal information, modify information, or destroy information or systems. On the other hand, opportunistic attacks (see previous post ) target a specific technology without caring about who uses it. Targeted...
  • Blog Post: Services isolation in Session 0 of Windows Vista and Longhorn Server

    You may have heard that built-in services in Windows Vista were specifically hardened by Microsoft engineers during its development process. You might be wondering what that really means, how it works and, if you are a developer, how to harden your own services the Vista way. Jean-Yves Poublan, a Principal...
  • Blog Post: Per-service SID

    (This is part 3 of our series of posts on service hardening.) Under Windows Vista/Longhorn Server, your service can now have its own SID (Security Identifier), which you can then use in ACLs to protect your service resources. You configure your service to be assigned a per-service SID during its installation...
  • Blog Post: Security Series #3: the threat landscape – opportunistic attacks from Microsoft Security Intelligence Report v14

    Microsoft has recently published the latest version of the Security Intelligence Report v14 ( http://microsoft.com/sir ) focusing on software vulnerabilities, software vulnerability exploits, and malicious and potentially unwanted software during the third and fourth quarter of 2012. Please allow me...
  • Blog Post: Building a dual boot system with Windows Vista BitLocker protection with TPM support

    Updated 2008-05-12 : added a step to turn the TPM on before enabling BitLocker. By the way, someone made me notice this post is now referenced by the official BitLocker FAQ on Microsoft's website. Many people have wondered if it would be possible to dual boot a TPM-bitlockered instance of Windows...
  • Blog Post: Write-restricted token

    ( This is part 4 of our series of posts on service hardening. ) A service can be configured to be write-restricted, in addition to having a per-service SID. To do so, you specify a SID type of "Restricted" when configuring your service (see our previous post “ Per-service SID ”). In that case the...
  • Blog Post: Microsoft TechDays 2007 in Paris

    Yesterday, the first Microsoft Techdays ended in Paris after three days and more than 200 presentations. Thank you to all of you who honored us by their attendance! (I don’t have the final figures yet but you were about 9,000 people on the two first days alone.) If you didn't have a chance to attend...
  • Blog Post: Least privilege for services

    This is part 2 of our series of posts on service hardening. "Need to have" and least privilege principle Executing with least privilege is a good practice of computer security. As with the "need to know" principle for information access, there should be a "need to have" principle for privileges...
  • Blog Post: The human factor is a chance for IS security

    People: the weakest link or a chance for security? Have you ever heard security experts? They all point out that the human factor is the weakest link in the security chain. They often make fun of people being victims of social engineering for instance. They try to prove their assumption by showing...
  • Blog Post: Security Series #2: How to Bake Security in Products and Services? SDL.

    Engineering more secure software with the Microsoft Security Lifecycle (SDL) In January 2002, Bill Gates launched the Microsoft Trustworthy Computing Initiative which focused on security as one of its four pillars. One of the big achievements of this initiative was the creation and evolution of the Microsoft...
  • Blog Post: Network restrictions for service hardening

    ( This is part 5 of our series of posts on service hardening .) Last but not least a service can be (and should be) configured to have network restrictions with what is called the "Windows Service Hardening" rules in the Windows SDK (we'll call those WSH rules for short). As a service developer, it...
  • Blog Post: Security Series #1: Principles of Cyber Security

    Today I’m starting a series of blog posts on cyber security. Before getting to various topics, I thought it could be useful to remind everyone some of the security principles that are the most useful to help you achieve a higher level of security, whichever technology you’re going to use. Core attributes...
  • Blog Post: "Security is not important, when you have it.(*)" - a constructive blog on security

    Hello everyone! As you can see, I decided to start blogging on security, maybe sometimes on interoperability. To be honest, if the blogosphere was the solar system, I could be found closer to Neptune than Mercury. However, I’ve been spending more than the last five years meeting with people on security...