Weekend Security Reading Round up Links – 10/12/07

All about the data: IT security starts with a data-centric worldview ACE Team’s Roger A. Grimes has posted a great summary of the importance of having a data-centric way of looking at things for computer/information security to work in an IT environment.   1st CTP of the SQL Server 2005 Driver for PHP available Bill Staples…


Securing the Gateway to Your Enterprise: Web Services

Eugene Siu, a Senior Security Consultant on the ACE Team has just published a great article summarizing some of the pitfalls and issues around web services security.  You can read the whole article here. -techjunkie


Mark Curphey joins Microsoft’s ACE Team

We’re super excited to have Mark aboard, Mark was formerly running FoundStone Consulting and also founded OWASP.  Here’s Mark’s note about joining and you can also check out Mark’s own blog here.  -techjunkie


Weekend Security Reading Round up Links – 10/5/07

What’s hot in Microsoft security: White lists; Blue hats A discussion on Symantec’s proposal to whitelist everything on a Windows box as well as a summary of Microsoft’s Bluehat 10 Microsoft Security Links to Blow Your Mind Pretty self explanatory, no? 🙂 More eyeballs for .Net Framework code Our own Eugene Siu talks about Microsoft’s…


The difference between pentesting and an application development security process Part I

Many times when we’re speaking with a customer or reviewing material from security vendors, the inclination we’ve seen is to rely on penetration testing or code analysis/scanning tools and other solutions to make up for the fact that there is no comprehensive security process in place during development.  Microsoft IT runs thousands of applications in…


Welcome, finally.

Over the last several weeks after launching this blog we’ve had several logistical issues to deal with and I’m hoping all of those are now addressed so we can get on with what you’ve been asking for, some great content!!   Initially I had named the blog “hackers @ Microsoft” and tried to be pretty clear…



Thank you all for the tremendous response and support.  I’ve gotten so many of your messages that I’ve not been able to respond to them all individually.  We are working through some logistical issues but look forward to getting things going very soon.  Please continue watching this space or subscribe!Thanks, techjunkie – 9/15/07


welcome to a different kind of blog from microsoft

Hello world.  Welcome to a new blog from Microsoft.  The focus of this blog is likely to be a little different from most other blogs you’ll see on blogs.msdn.com.  Microsoft employs some of the best hackers in the world and actively recruits them and develops them.  They work on all kinds of projects, whether it…