ACE Team - Security, Performance & Privacy
Technical Dependency Analysis
Hi, I’m Kevin Harris, Principal Program Manager with Microsoft’s Enterprise Business Continuity...
Date: 02/19/2010
Using the Business Impact Analysis
Hi all, I’m Tom Easthope, Sr. Program Manager on the Enterprise Business Continuity team at...
Date: 01/26/2010
InfoSec A&P Suite: How to Install & Configure
Hi everyone, Diane here. Recently the Information Security Tools (IST) Team released the Assessment...
Date: 11/30/2009
Introducing the InfoSec Assessment & Protection Suite
The Information Security Tools (IST) team has released the InfoSec Assessment & Protection...
Date: 11/16/2009
Dogfooding: How Microsoft IT Information Security Dogfoods: Product Influence
Hi Steven Michalove here, I’m a principal program manager on Microsoft IT’s Information Security...
Date: 10/30/2009
Dogfooding: How Microsoft IT Information Security Dogfoods, Phase 2: Perform an Assessment of the Features Only
Hi Price Oden here, I’m a principal senior security architect on the Microsoft IT Information...
Date: 10/26/2009
Dogfooding: How Microsoft IT Information Security Dogfoods, Phase 1: Conduct a Security Design Review
Hi Don Nguyen here, I’m a senior security engineer with the Microsoft Information Security's...
Date: 10/19/2009
Risk Management in Risk Tracker
Hey there, my name is Sarah Pickard and I am a Senior Program Manager on the Microsoft Information...
Date: 10/15/2009
Dogfooding: How Microsoft IT's Information Security Dogfoods
Hello Diane here. Do you ever wonder how Microsoft’s IT Information Security (InfoSec) is involved...
Date: 10/08/2009
How to Integrate Risk Tracker with Internal HR Feeds
Organizations who would like to deploy the Risk Tracker v1.0 application in their own environment,...
Date: 09/30/2009
Risk Tracker v1.0 Release
The Microsoft Information Security Tools (IST) team releases Risk Tracker version 1.0 application....
Date: 09/29/2009
Create a Response Time Graph
Spending my last 4 years helping Microsoft’s enterprise customers improve their line of business...
Date: 09/27/2009
Anti-XSS Library v3.1 Released!
The Microsoft Information Security Tools (IST) team has released the latest Microsoft Anti-Cross...
Date: 09/17/2009
Introducing the Connected Information Security Framework (CISF) and Risk Tracker Version 1.0
The Microsoft Information Security Tools (IST) team has released the Connected Information Security...
Date: 09/16/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Five: Release for LOB
Hello, Anmol here. As you’ve been following along with me in my blog series on Security...
Date: 08/10/2009
Video Series: ACE Security Consultants from the Field
Kicking off our video series, ‘ACE Security Consultants from the Field,’ Talhah Mir from Microsoft...
Date: 08/04/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Four: Verification for LOB
Hello, Anmol here…continuing our discussion of Security Development Lifecycle for Line-of-Business...
Date: 07/29/2009
Blog Series: Get Familiar with the SDL-LOB Process. Introduction to Phase Three: Implementation for LOB.
Hello, Anmol here. For this blog series I’ll discuss the the Security Development Lifecycle...
Date: 07/13/2009
Blog Series: Get Familiar with the SDL-LOB Process, Introduction to Phase Two: Design for LOB
Hello, Anmol here. This is a continuation of my blog series on the SDL-LOB process. In...
Date: 06/19/2009
Blog Series: Get Familiar with the SDL-LOB Process, Introduction to Phase One: Requirements for LOB
Hello, Anmol here. For this blog series I’ll discuss the SDL-LOB process and cover all 5...
Date: 06/16/2009
Blog Series: Get Familiar with the SDL-LOB (Security Development Lifecycle for Line-Of-Business Applications) Process
Hello, Anmol Malhotra here. I’m a Senior Security Engineer with ACE Team, a part of Microsoft IT...
Date: 06/02/2009
How Do I: Set Up Fiddler’s Reverse Proxy to Create a VSTS 2008 Web Test
VSTS 2008 has a great recording tool that allows you to create web test simply by recording your web...
Date: 05/29/2009
TechNet Webcast: Configuring with Least Privilege in SQL Server 2008 (Level 300)
TechNet Webcast: Configuring with Least Privilege in SQL Server 2008 (Level 300) Tuesday, June 02,...
Date: 05/29/2009
TechNet Webcast: Fundamentals of Third-Party Security Management (Level 300)
TechNet Webcast: Fundamentals of Third-Party Security Management (Level 300) Monday, June 01, 2009...
Date: 05/29/2009
Infrastructure Security Design Review
Hello Everyone! My name is Shawn Rabourn and I am a Senior Security Consultant with ACE (Assessment,...
Date: 05/19/2009
ACE Infrastructure Security Services: An Overview
This is Rob Cooper, Senior Engineer for ACE Infrastructure (also known internally as ICE for you...
Date: 05/11/2009
Security as a Service: A Balancing Act
When I first joined Microsoft IT, I was intrigued by the concept of offering security assessment as...
Date: 05/04/2009
About ACE’s Information Security Assessment Service - Your Friendly Neighborhood Security Auditor
This is Gerard Morisseau, Senior Program Manager for ACE’s Information Security Assessment Services...
Date: 04/28/2009
VSTS Web Test Step-by-Step Primer: 7-Minute Video by Microsoft A.C.E. Performance Engineer Chris Lundquist (with Copious Notes and Screen Shots from Your Humble Correspondent)
My colleague & A.C.E. performance engineer Chris Lundquist has compiled a 6:58 wmv featuring his...
Date: 04/27/2009
Shrinking Budgets: Application Security Tools vs Process Tradeoff
An all too familiar scene repeated itself two weeks ago. My good friend & CISO of a mid-sized...
Date: 04/21/2009
About ACE’s Infrastructure Security Team
Hi, my name is Brad Gobble and I manage ACE’s Infrastructure Security Team, a part Microsoft IT’s...
Date: 04/17/2009
ACE Team's Performance Development Lifecycle (PDL-IT )
Hi – This is Irfan, Director of the ACE Team. Some of you may have come across Abu’s...
Date: 04/03/2009
Akshay’s Uncertainty Principle: Observing Some Metrics Changes Them
You’ve probably heard of the famous Heisenberg Uncertainty Principle in Quantum physics....
Date: 03/31/2009
Vulnerabilities in Web Applications due to improper use of Crypto – Part 4
Digital signature is a cryptographic mechanism that provides three security services; data origin...
Date: 03/26/2009
Performance Development lifecycle for IT - Part 3
This is the continuation of the previous posts on PDL-IT (part-1 , part-2). Part-1 consisted of...
Date: 03/24/2009
Performance Development lifecycle for IT - Part 2
As a follow-up post to PDL-IT part-1, this is the part-2 of PDL-IT. In this post I would...
Date: 03/12/2009
Response to InfoSec X Prize Part 1
So I’ve been quite amazed by the amount of discussion and feedback i have received from colleagues...
Date: 03/05/2009
Performance Development life cycle for IT – Part 1
Microsoft ACE team has been involved in performance testing and tuning of web applications within...
Date: 03/04/2009
Baking Security In: A Comic Strip View of SDL
So how do you take your average developer who scoffs at security from the careless and brash aka...
Date: 03/03/2009
neXpert v1.0 Released!
Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */...
Date: 02/16/2009
Webcast: Software Security with Static Code Analysis Using CAT.NET
MSDN Webcast: Software Security with Static Code Analysis Using CAT.NET (Level 200) Presenter:...
Date: 02/15/2009
Microsoft IT Solutions: Full Drive Encryption using BitLocker
One of the challenges that I have been focusing my team on this fiscal year has been creating new...
Date: 02/07/2009
Note to Fannie Mae: Dealing with Logic Bombs
Today, it was revealed that a departing contractor left Fannie Mae with a parting gift – a Logic...
Date: 01/31/2009
Vulnerabilities in Web Applications due to improper use of Crypto – Part 3
Almost all thick client applications need to update themselves. This is the only way to distribute...
Date: 01/25/2009
The InfoSec X Prize: Fundamental Change Through Competition
Today I had a thought provoking conversation with Dr. Peter Diamandis, Chairman and CEO of Zero...
Date: 01/23/2009
Webcast on Recently Released Anti-XSS & CAT.NET
"Managing Cross-Site Scripting Using CAT.NET and AntiXSS (Level 200)" It will be co-presented by...
Date: 01/06/2009
New versions of Anti-XSS & CAT.NET available today and some background and history about the ACE team
*** UPDATE ********** ALL LINKS ARE LIVE NOW! ********************* Hi All – this is Irfan Chaudhry,...
Date: 12/15/2008
Performance Monk and the Deadly Duo
Alik here. Following great feedback on our last post we decided to continue sharing ACE Team...
Date: 12/08/2008