Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Security   (RSS)

Microsoft Free Anti-Malware (Morro/Microsoft Security Essentials) Released as Beta

Though I have not been directly involved with Morro (or any other anti-malware products), I am excited to see Morro ( Microsoft Security Essentials , http://www.microsoft.com/security_essentials/ ) reach the next stage of development by releasing as a Read More...
Posted Tuesday, June 23, 2009 10:06 PM by jrjones | 1 Comments

Open Patch Management Survey

If you are involved in Patch Management, I’d like to ask for your help and participating in Project Quant.  Since launching in April, we’ve made some good progress in developing a high level patch cycle and have had some great participation on the Read More...
Posted Monday, June 08, 2009 10:47 PM by jrjones | 1 Comments

Mythbusters jamie and Adam – Final Keynote RSA 2009

RSA Conference 2009 Webcasts – Day 4 Keynotes (Friday) There is only a relatively small group of people that stay all the way to the end of the RSA Conference to see the final Friday keynotes, but they were worth the wait.   I can honestly say Read More...
Posted Sunday, April 26, 2009 9:09 AM by jrjones | 1 Comments

Cheswick and Thompson ‘Securin Ain’t Easy’ Rap Video @ RSA 2009

RSA Conference 2009 Webcasts – Day 4 Keynotes (Friday) There is only a relatively small group of people that stay all the way to the end of the RSA Conference to see the final Friday keynotes, but they were worth the wait. I can honestly say the two afternoon Read More...
Posted Sunday, April 26, 2009 9:02 AM by jrjones | 1 Comments

RSA Conference 2009 Webcasts – Day 3 Keynotes (Thursday)

The RSA Conference team has done an excellent job of making videos available this year for those that could not attend the conference live. Plus, like watching your American Idol on your DVR, you can easily skip past the parts you find boring and just Read More...
Posted Thursday, April 23, 2009 4:00 PM by jrjones | 0 Comments

RSA Conference 2009 Webcasts – Day 2 Keynotes (Wednesday)

The RSA Conference team has done an excellent job of making videos available this year for those that could not attend the conference live. Plus, like watching your American Idol on your DVR, you can easily skip past the parts you find boring and just Read More...
Posted Wednesday, April 22, 2009 4:00 PM by jrjones | 0 Comments

Supplemental Data for Calculating Mozilla Patching Speed

A couple of days ago, Secunia published their Secunia 2008 Report , and one of their tables garnered quite a bit of attention with respect to Mozilla patching quickly: Brian Krebs , Washington Post, Fanning the Flames of the Browser Security Wars Brian Read More...
Posted Monday, March 09, 2009 10:34 PM by jrjones | 3 Comments

2008 Pwn2Own Winner says Safari is an Easy Target

Apple Inc.'s Safari is the juiciest target in the upcoming PWN2OWN hacking contest, last year's winner predicted today. "It's an easy target," said Charlie Miller, the vulnerability researcher who last year walked off with a $10,000 cash prize Read More...
Posted Wednesday, March 04, 2009 11:03 PM by jrjones | 1 Comments

Firefox in 2008 – No Single Version Available for The Full Year?

I’ve been busy doing analysis for the next article in my cio.com Firefox series of articles, looking at vulnerability disclosures during 2007 and 2008 and I stumbled upon a little factoid that I had not previously noticed – no single version of Firefox Read More...
Posted Thursday, February 26, 2009 11:58 PM by jrjones | 7 Comments

Feb09 Security Bulletin SDL Benefit Summary

Summaries from previous months: Jan09 Security Bulletin SDL Benefit Summary When I do analysis and reports on Microsoft products, I typically look for where the Security Development Lifecycle (SDL) has helped to provide improvement and provide some stats Read More...
Posted Wednesday, February 11, 2009 12:24 PM by jrjones | 2 Comments

Perception: Case in Point

I love it when a good, real-life example falls right into your lap. As you know from my recent posts, I’ve been doing a series of articles probing Mozilla and Firefox security claims.  I think I’ve been pretty open about why, but I always seem to Read More...
Posted Thursday, February 05, 2009 8:38 PM by jrjones | 3 Comments

CIO.COM: Mozilla and “Counting Still Easy…”

[DISCLOSURE for those who don’t read about boxes: I work for Microsoft.] I admit that I enjoy discussing issues and digging into claims to see if I can find fractures or flaws in logic. When I ran product management teams for companies in previous roles, Read More...
Posted Thursday, February 05, 2009 7:03 PM by jrjones | 1 Comments

Brian Krebs Blog on ‘at Risk’ Chart Methodology

I am a couple of articles into my series: Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? , and Can Mozilla Support Claims of Firefox Being the Most Secure Web Browser? (Part 2) In part 2, I probed Mozilla’s usage of an ‘at risk’ Read More...
Posted Friday, January 30, 2009 6:57 PM by jrjones | 1 Comments

CIO.COM: Can Mozilla Support Their Security Claims?

Mozilla bills Firefox as the most secure Web browser on the planet, but is it really? Follow along with this series and see if the claims hold up to close scrutiny. Today, I started a multi-part article series on cio.com (Security landing page: http://www.cio.com/topic/1419/Security Read More...
Posted Thursday, January 15, 2009 12:24 AM by jrjones | 28 Comments

IEEE Security & Privacy: Estimating Software Vulnerabilities

I thought I had posted this link in the past, but it turns out I did not, so ... Last summer (2007), one of my papers was published in IEEE Security & Privacy, which describes a method for estimating the number of disclosed but unfixed vulnerabilities Read More...
Posted Tuesday, December 09, 2008 12:05 AM by jrjones | 2 Comments
More Posts Next page »
 
Page view tracker