Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Technical Dependency Analysis
Hi, I’m Kevin Harris, Principal Program Manager with Microsoft’s Enterprise Business Continuity...
Date: 02/19/2010
Using the Business Impact Analysis
Hi all, I’m Tom Easthope, Sr. Program Manager on the Enterprise Business Continuity team at...
Date: 01/26/2010
InfoSec A&P Suite: How to Install & Configure
Hi everyone, Diane here. Recently the Information Security Tools (IST) Team released the Assessment...
Date: 11/30/2009
Introducing the InfoSec Assessment & Protection Suite
The Information Security Tools (IST) team has released the InfoSec Assessment & Protection...
Date: 11/16/2009
Dogfooding: How Microsoft IT Information Security Dogfoods: Product Influence
Hi Steven Michalove here, I’m a principal program manager on Microsoft IT’s Information Security...
Date: 10/30/2009
Dogfooding: How Microsoft IT Information Security Dogfoods, Phase 2: Perform an Assessment of the Features Only
Hi Price Oden here, I’m a principal senior security architect on the Microsoft IT Information...
Date: 10/26/2009
Dogfooding: How Microsoft IT Information Security Dogfoods, Phase 1: Conduct a Security Design Review
Hi Don Nguyen here, I’m a senior security engineer with the Microsoft Information Security's...
Date: 10/19/2009
Risk Management in Risk Tracker
Hey there, my name is Sarah Pickard and I am a Senior Program Manager on the Microsoft Information...
Date: 10/15/2009
Dogfooding: How Microsoft IT's Information Security Dogfoods
Hello Diane here. Do you ever wonder how Microsoft’s IT Information Security (InfoSec) is involved...
Date: 10/08/2009
How to Integrate Risk Tracker with Internal HR Feeds
Organizations who would like to deploy the Risk Tracker v1.0 application in their own environment,...
Date: 09/30/2009
Risk Tracker v1.0 Release
The Microsoft Information Security Tools (IST) team releases Risk Tracker version 1.0 application....
Date: 09/29/2009
Create a Response Time Graph
Spending my last 4 years helping Microsoft’s enterprise customers improve their line of business...
Date: 09/27/2009
Anti-XSS Library v3.1 Released!
The Microsoft Information Security Tools (IST) team has released the latest Microsoft Anti-Cross...
Date: 09/17/2009
Introducing the Connected Information Security Framework (CISF) and Risk Tracker Version 1.0
The Microsoft Information Security Tools (IST) team has released the Connected Information Security...
Date: 09/16/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Five: Release for LOB
Hello, Anmol here. As you’ve been following along with me in my blog series on Security...
Date: 08/10/2009
Video Series: ACE Security Consultants from the Field
Kicking off our video series, ‘ACE Security Consultants from the Field,’ Talhah Mir from Microsoft...
Date: 08/04/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Four: Verification for LOB
Hello, Anmol here…continuing our discussion of Security Development Lifecycle for Line-of-Business...
Date: 07/29/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Three: Implementation for LOB.
Hello, Anmol here. For this blog series I’ll discuss the the Security Development Lifecycle...
Date: 07/13/2009
Blog Series: Get Familiar with the SDL-LOB Process, Introduction to Phase Two: Design for LOB
Hello, Anmol here. This is a continuation of my blog series on the SDL-LOB process. In...
Date: 06/19/2009
Blog Series: Get Familiar with the SDL-LOB Process, Introduction to Phase One: Requirements for LOB
Hello, Anmol here. For this blog series I’ll discuss the SDL-LOB process and cover all 5...
Date: 06/16/2009
Blog Series: Get Familiar with the SDL-LOB (Security Development Lifecycle for Line-Of-Business Applications) Process
Hello, Anmol Malhotra here. I’m a Senior Security Engineer with ACE Team, a part of Microsoft IT...
Date: 06/02/2009
How Do I: Set Up Fiddler’s Reverse Proxy to Create a VSTS 2008 Web Test
VSTS 2008 has a great recording tool that allows you to create web test simply by recording your web...
Date: 05/29/2009
TechNet Webcast: Configuring with Least Privilege in SQL Server 2008 (Level 300)
TechNet Webcast: Configuring with Least Privilege in SQL Server 2008 (Level 300) Tuesday, June 02,...
Date: 05/29/2009
TechNet Webcast: Fundamentals of Third-Party Security Management (Level 300)
TechNet Webcast: Fundamentals of Third-Party Security Management (Level 300) Monday, June 01, 2009...
Date: 05/29/2009
Infrastructure Security Design Review
Hello Everyone! My name is Shawn Rabourn and I am a Senior Security Consultant with ACE (Assessment,...
Date: 05/19/2009
ACE Infrastructure Security Services: An Overview
This is Rob Cooper, Senior Engineer for ACE Infrastructure (also known internally as ICE for you...
Date: 05/11/2009
Security as a Service: A Balancing Act
When I first joined Microsoft IT, I was intrigued by the concept of offering security assessment as...
Date: 05/04/2009
About ACE’s Information Security Assessment Service - Your Friendly Neighborhood Security Auditor
This is Gerard Morisseau, Senior Program Manager for ACE’s Information Security Assessment Services...
Date: 04/28/2009
VSTS Web Test Step-by-Step Primer: 7-Minute Video by Microsoft A.C.E. Performance Engineer Chris Lundquist (with Copious Notes and Screen Shots from Your Humble Correspondent)
My colleague & A.C.E. performance engineer Chris Lundquist has compiled a 6:58 wmv featuring his...
Date: 04/27/2009
Shrinking Budgets: Application Security Tools vs Process Tradeoff
An all too familiar scene repeated itself two weeks ago. My good friend & CISO of a mid-sized...
Date: 04/21/2009
About ACE’s Infrastructure Security Team
Hi, my name is Brad Gobble and I manage ACE’s Infrastructure Security Team, a part Microsoft IT’s...
Date: 04/17/2009
ACE Team's Performance Development Lifecycle (PDL-IT )
Hi – This is Irfan, Director of the ACE Team. Some of you may have come across Abu’s...
Date: 04/03/2009
Akshay’s Uncertainty Principle: Observing Some Metrics Changes Them
You’ve probably heard of the famous Heisenberg Uncertainty Principle in Quantum physics....
Date: 03/31/2009
Vulnerabilities in Web Applications due to improper use of Crypto – Part 4
Digital signature is a cryptographic mechanism that provides three security services; data origin...
Date: 03/26/2009
Performance Development lifecycle for IT - Part 3
This is the continuation of the previous posts on PDL-IT (part-1 , part-2). Part-1 consisted of...
Date: 03/24/2009
Performance Development lifecycle for IT - Part 2
As a follow-up post to PDL-IT part-1, this is the part-2 of PDL-IT. In this post I would...
Date: 03/12/2009
Response to InfoSec X Prize Part 1
So I’ve been quite amazed by the amount of discussion and feedback i have received from colleagues...
Date: 03/05/2009
Performance Development life cycle for IT – Part 1
Microsoft ACE team has been involved in performance testing and tuning of web applications within...
Date: 03/04/2009
Baking Security In: A Comic Strip View of SDL
So how do you take your average developer who scoffs at security from the careless and brash aka...
Date: 03/03/2009
neXpert v1.0 Released!
Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */...
Date: 02/16/2009
Webcast: Software Security with Static Code Analysis Using CAT.NET
MSDN Webcast: Software Security with Static Code Analysis Using CAT.NET (Level 200) Presenter:...
Date: 02/15/2009
Microsoft IT Solutions: Full Drive Encryption using BitLocker
One of the challenges that I have been focusing my team on this fiscal year has been creating new...
Date: 02/07/2009
Note to Fannie Mae: Dealing with Logic Bombs
Today, it was revealed that a departing contractor left Fannie Mae with a parting gift – a Logic...
Date: 01/31/2009
Vulnerabilities in Web Applications due to improper use of Crypto – Part 3
Almost all thick client applications need to update themselves. This is the only way to distribute...
Date: 01/25/2009
The InfoSec X Prize: Fundamental Change Through Competition
Today I had a thought provoking conversation with Dr. Peter Diamandis, Chairman and CEO of Zero...
Date: 01/23/2009
Webcast on Recently Released Anti-XSS & CAT.NET
"Managing Cross-Site Scripting Using CAT.NET and AntiXSS (Level 200)" It will be co-presented by...
Date: 01/06/2009
New versions of Anti-XSS & CAT.NET available today and some background and history about the ACE team
*** UPDATE ********** ALL LINKS ARE LIVE NOW! ********************* Hi All – this is Irfan Chaudhry,...
Date: 12/15/2008
Performance Monk and the Deadly Duo
Alik here. Following great feedback on our last post we decided to continue sharing ACE Team...
Date: 12/08/2008