A Proactive Approach to Building a Successful Security Development Lifecycle Program

At this point most of you have heard about the Microsoft SDL and some of activities and deliverables associated with it. However, I still receive a number of questions, specifically, how and where development organizations can start deploying SDL. Good news!   One of the new Microsoft SDL Pro Network members, Security Innovation, has invited me to address…


Improvements in Office Security

David LeBlanc has an excellent write-up of the results (so far) of all the security work the Office guys have been doing over the last few years. Net: about a 50% reduction in vulns!


Volume 5 of the Microsoft Security Intelligence Report is out

Volume 5 of the Microsoft Security Intelligence Report is now out, highlights include: Security vulnerability disclosures – Microsoft and third-party software Vulnerability Exploits – Microsoft software Browser-based exploits – Microsoft and third-party software Security and privacy breaches Malicious and potentially unwanted software trends Volume 5 of the SIR also includes a detailed examination of the…