Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
In July, we kicked off a blog series focused on "Microsoft's Free Security Tools." The series highlights free security tools that Microsoft provides to help make IT professionals' and developers' lives easier. A good tool can save a lot of work and time for those people responsible for developing and managing software. In the series we discuss many of the benefits each tool can provide and include step by step guidance on how to use each. Below is a summary of the tools covered in the series and a brief overview of each.
This article in our series on Microsoft’s free security tools is focused on a tool called the Microsoft Baseline Security Analyzer (MBSA). Many years ago before Windows Update was available, servicing software was much more painful than it is today. Microsoft released security updates weekly, and there were few deployment technologies available to help determine which systems needed which updates. I wrote an article on this topic if you are interested in a walk down memory lane. For those IT administrators that lived through those days, the MBSA was a godsend. Today, 10 years later, the MBSA is still a free security tool that many, many IT Professionals use to help manage the security of their environments.
This article in our series focused on Microsoft’s free security tools is on a tool called Portqry. This tool is a TCP/IP connectivity test tool, port scanner, and local port monitor. Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations. Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a “Swiss army knife” of tools.
This week the Microsoft Malware Protection Center (MMPC) published a new threat report focused on Rootkits. A rootkit is a suite of tools used by attackers to provide stealth capabilities to malware. The typical goal of a rootkit is to enable malware to remain undetected on a system for as long as possible, in order to facilitate the theft of sensitive data, change computer settings, or compromise system resources.
This morning, Adrienne Hall, General Manager for Trustworthy Computing delivered a keynote speech at RSA Europe and announced the availability of the Microsoft Security Intelligence Report volume 13 (SIRv13). It’s hard to believe that it’s been over six years since we published the first volume of the report. The report has evolved a lot since then, but our goal has always remained the same: to provide our customers with the most comprehensive view into the threat landscape so they can make informed risk management decisions.
In the first two parts of this series on the threat landscape in the Middle East (Part 1, Part 2) I focused on the threats in Qatar, Iraq and the Palestinian Authority (West Bank and Gaza Strip). In this final part of the series I focus on Israel and Saudi Arabia.
The data in this article comes from the Microsoft Security Intelligence Report volume 12 (SIRv12) and previous volumes of the report.
I have written about the threat landscape in the European Union (EU) before, focused on the first and second half of 2011. If you are interested in learning about threats Microsoft observed during 2011, please read these articles:
This article is focused on threats observed in the first half of 2012. The most recent volume of the Microsoft Security Intelligence Report, volume 13, includes data on the first half of 2012, including deep dive regional threat assessments on every member state in the EU as well as 78 other locations around the world. In this article I provide a summary of the latest threat data for the EU.
Recently I had the opportunity to speak at the Security Education Conference Toronto (SecTor) 2012, the largest security conference in Canada. Sector had a great group of speakers and more than 1,000 people and had a great group of speakers.
Last year, the inaugural Security Development Conference brought together leading security professionals from a variety of industries around the world who were interested in evolving their own security principals into practices. In all, more than 300 organizations attended the event. Highlights included keynote speakers Richard A. Clarke, former Special Advisor to the President for Cyber Security, General Michael V. Hayden former Director, U.S. Central Intelligence Agency and U.S. National Security Agency and Scott Charney, Corporate Vice President of Trustworthy Computing, Microsoft. You can read more about last year’s event in our wrap up blog post.