-
-
Popular Posts
- Off to See the World 5 comment(s)
- Microsoft By Numbers 1 comment(s)
- About 0 comment(s)
- Cloud Computing: Benefits and Risks of Moving Federal IT into the Cloud 1 comment(s)
- A new Chief Security Advisor in the UK 3 comment(s)
Users and Hits
My Trips
Who's Online
1 visitors online now
1 guests, 0 members
Map of Visitors
Powered by Visitor Maps
Category Archives: Processes
Microsoft and Adobe: Collaboration Against Threats
You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies. Since quite a while we run a program called MAPP – the Microsoft Active Protections Program, where we share vulnerability information with security … Continue reading
Posted in Industry, Microsoft, Processes, Strategy, Trends
Tagged Collaboration, Vulnerabilities
1 Comment
How to Deal With Vulnerabilities
This is always a fairly emotional theme. What is better to protect the ecosystem? Public or private disclosure? Should somebody paying for vulnerabilities or not? Is a vulnerability auction ethical or not? I know that there are numerous views on … Continue reading
Posted in Incidents, Microsoft, Processes
Tagged Incident Response, Incident Sharing, Processes
1 Comment
Open Source and Hackers
The debate is probably as old as the Open Source software development model: Which one is more secure: Open Source or shared source as we at Microsoft run it? I know that we could now enter a religious debate about … Continue reading
Posted in Crime, Critical Infrastructure Protection, Cybercrime, Industry, Microsoft, Open Source, Process, Processes, Security
Tagged Behavior, Development Lifecycle, Ecosystem, OpenSource
Leave a comment
We Need Solid and Strong Transparent Processes for the Cloud
This morning I was reading an article called Google seeks to assure customers on cloud security practices on ComputerWeekly. I had to read this – obviously . It references a paper written by the Google Security Officer called Security Whitepaper: … Continue reading
Posted in Associations, Industry, Process, Processes, Security, Trends
Tagged Cloud, Ecosystem, Engineering, Processes
Leave a comment
Customer Stories: Why it is not THAT easy to move to the Cloud
Ait ss you know from my postings on Cloud and security and the paper on the Cloud Security Considerations we wrote, I am convinced that there are five areas you should look at, when you try to migrate to the … Continue reading
Posted in Cloud Computing, Cloud Computing, Industry, Microsoft, Process, Processes, Products, Security
Tagged Cloud, Ecosystem, Policies, Processes
Leave a comment
Want to introduce the Security Development Lifecycle? Play a Game
I was recently pinged by a customer asking for the “real” version of this game. It was distributed at RSA in the US and I do not have any anymore – but you can still print it yourself. So, if … Continue reading
Legal Challenges of International Business and the Cloud
To start with: I am an engineer not a lawyer – and this might be part of the problem… When I started to think about the Cloud and security and thought about all the work I do with Law Enforcement … Continue reading
Posted in Crime, Cybercrime, Government, Law Enforcement, Legislation, Microsoft, Privacy, Process, Processes, Security, Strategy
Tagged Behavior, Citizens, Cloud, Collaboration, Crime, Government, International, Internet, Jurisdiction, Law Enforcement, Legislation, MLAT, Policy Makers, Privacy
Leave a comment
Security Development Lifecycle – Website!
I often talk about how we learned to engineer security into the products and the results prove that we are on the right track. One of the challenges we always have is how to help the ecosystem to improve as … Continue reading
Posted in Microsoft, Process, Processes, Security
Tagged Development Lifecycle, Ecosystem, News, Threat Modeling
Leave a comment
Why it pays to be secure – Chapter 5 – I need tools!
Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use. So far, … Continue reading
Posted in Microsoft, Processes, Products, Strategy
Tagged Malware, management, Microsoft, Policies, Risk Assessment, Standardization, Tool, Updates
Leave a comment
Making the Management of Security Compliance Easier!
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about … Continue reading