Last week I was in Brazil and I had a chance to participate in the biggest Microsoft event in Latin America, TechED Brazil. One of the sessions that I delivered there was SIA301 (more info in Portuguese in this post), where I co-presented with Alberto Oliveira, a Microsoft Forefront MVP.
We divided the session in two main parts, first we talked about the current security landscape and some major security threats. In the second part we talked about Windows Security. One of the things that we covered in the Windows Security part was the Threats and Countermeasure Guide. The team that I work for at Microsoft is responsible to maintain this content available here. I also want to use this opportunity to bring awareness that our team is reviewing this content and you have a chance to give feedback about it, please read this post and make sure to participate on that.
During this presentation we talked about the fact that SPAM is still a big threat, mainly because of the social engineering behind many phishing e-mails. One of the videos that we showed in this presentation which is related to this subject was the recent case that Microsoft took down the Rustock botnet. You can watch the video below:
Another subject that we covered was the importance of thinking of security right in the beginning of the project, when you are writing the code for your application. For that we presented the SDL concept and demonstrated the SDL Threat Modeling Tool. In this video you can see a demo about this tool and also how to use it.
Throughout the next few days I will be posting more about TechED Brazil and the content that I delivered there. Stay tune!