Roger Halbheer on Security
Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use. Use these Learning Paths to find a range of Microsoft training references and resources on security threats…
You definitely have heard of COFEE (Computer Online Forensic Evidence Extractor) which we make freely available to Law Enforcement through Interpol and NW3C. Now, the probably unavoidable happened and the tool leaked to the Internet. There was actually an interesting statement by ArsTechnica yesterday: Chances are you won’t have any use for the tool, but…
Since a few years we are working with the Council of Europe in a partnership to help to drive a Cybersecurity treaty. We realize that a problem a lot of Law Enforcement agencies have is inconsistent legislation which makes is unbelievably hard to catch the criminals. The Council of Europe treaty is a great starting…
It is a good tradition since quite a while that we make the intelligence we have available accessible to the broad public. This will help out customers to protect themselves much better. The Security Intelligence Report (SIR) is built on a unparalleled set of sensors out there in the Internet: Malicious Software Removal Tool (MSRT):…
Just a brief one: the Security Compliance Management Toolkit Series has been updated to incorporate Internet Explorer 8 and Windows 7. So, to help you to manage security and compliance in your environment, you should have a look at it: http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx
Roger
Recently we announced the availability of the Enhanced Mitigation Evaluation Toolkit. This is a toolkit which makes it easier to defend your application on different levels – free of charge. Read the post done by our Security Research and Defense guys: Announcing the release of the Enhanced Mitigation Evaluation Toolkit
Roger
At the moment I invest a lot of my time in a Whitepaper on Client and Cloud Security. There are a few fundamentals, which are already clear to me: You will not be able to run a trusted cloud ecosystem without a trusted client and trusted interactions. So, the End to End Trust model is…
This morning I read the following article: Microsoft can help kill fake antivirus threat. And interesting approach. The proposal is that we could white-list all the legitimate security software within the OS in order to make it harder to trick the user. Well, would this work? I am not so sure: First of all, what…
Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use. Security — you hear about it every day. Being responsible for information security can be a daunting…
COFEE is a tool available to Law Enforcement only to capture online evidence with a little training as possible. The idea behind the tool is, that there is little need for high-trained staff to be available during e.g. house searches and that a normal, much less trained officer can capture all the data. Until today,…
Beginning of this year, I tried to understand, whether we can show a collaboration between Piracy (stolen software) and Malware Infections. I played a little bit with the data I had available and came to the conclusion, that there most probably is: Is there a Correlation between Stolen Software (Piracy) and Security/Patching? Now, the Business…
Quite a while ago I blogged about the SharePoint External Collaboration Toolkit. I just wanted to make you aware that this toolkit is now moved to Codeplex and can be found here: http://cks.codeplex.com/
Roger
The development in Africa especially with the new broadband services to me is a huge chance for the whole continent. I just found this map on the next two years: source: IntelFusion Even though I have not been in Africa over the last few months, I heard that in different cities fiber is brought directly…
On analyst (and very active Tweeter on http://twitter.com/monkchips) quite a while ago (March 08) published a post, which we recently drew up in one of the cloud discussions: If you peel back the label and its says “Grid†or “OGSA†underneath… its not a cloud. If you need to send a 40 page requirements document…
When I entered the US this time, I got a brochure on how I could avoid the line at immigration and just get a fast track by registering with the Global Entry Program, a program, which would pre-screen me and then I just have to register with a machine by entering the US. As I…
Why pay for a Anti-Malware solution if you can get one of the best solutions in the world for free – go and download it! It is there: http://www.microsoft.com/security_essentials/ And now, the disclaimer: It runs only on genuine Windows! Have fun, enjoy. I am running it since quite a while with my friends and families…
I read an article on Cyber Security Challenge Brings Out the Best about a “defend your system†challenge by the USENIX Security Conference in Montreal, Canada. I like the approach: Find and fix common vulnerabilities on a web server.
Roger
I recently had different discussions with different customers and we were looking into the key questions to ask, when you plan to move to the cloud (yes, I am working on a corresponding blog post). I was then asked whether we have an answer to these questions – well no. For sure not for all…
I started to read the article and actually just wanted to Tweet about it but then I voted and had to publish at least the current state: When it comes to security, who do you trust more? Microsoft (44%) Google (32%) Neither (22%) Both (3%) Total Votes: 716 This is just now – might change…
