Browse by Tags

Tagged Content List
  • Blog Post: Listening on All Ports

    By now, you may have seen that Microsoft has changed the name of the vulnerability reporting process we follow from "Responsible Disclosure" to " Coordinated Vulnerability Disclosure ". First, I'd like to thank each and every one of the reviewers, especially those who were willing to be thanked and...
  • Blog Post: Behind the ISO Curtain

    When people ask me what I do at Microsoft, in the style of one of “the Bobs” in Office Space posing the question “What would you say ya do here?”, I point them to things like the SDL , the SDL Pro Network , which I manage, or MSVR , which I founded and is now managed by Adrian Stone over in MSRC . Someday...
  • Blog Post: Partial Disclosure: Was It A Cat I Saw?

    Quite often in our industry, two (or five) people can look at the same problem from different angles, and see radically different things. Rare is the situation that reads the same to everyone, forwards and backwards. It’s all about perspective. In my appearance on the ‘ Partial Disclosure Dilemma...
  • Blog Post: The Partial Disclosure Dilemma Panel at SOURCEBoston

    Want to know more about the evolving vulnerability disclosure landscape? Have a burning question or opinion about who should get to know, how much they get to know, and when they get to know, as it relates to vulnerability details? Can't make it to SOURCEBoston to see me and a few security industry friends...
Page 1 of 1 (4 items)