Enabling Digital Society
Using the Cloud and Mobility to enable citizens to take part in their world!
Translate This Page
Translate this page
Access Control Service
Bitlocker To Go
Black Screen of Death
Security Intelligence Report
Tech Ed Australia
Windows Azure Media Services
Windows Azure Mobile Services
Browse by Tags
Enabling Digital Society
Tagged Content List
Whitepaper: Disaster Recovery and High Availability for Windows Azure Applications
The team have recently released a new whitepaper Disaster Recovery and High Availability for Windows Azure Applications The whitepaper outlines the necessary architecture steps to be taken to disaster-proof a Windows Azure deployment so that the larger business continuity process can be implemented....
15 Jun 2013
Windows Azure in Australia! How does that change your security outlook?
We are bringing our world class Windows Azure data centres here to Australia. Microsoft has a long history of bringing industry leading technologies to the world. Windows Azure is no different. Today we announced that we will be adding more data centres around the globe. Australia will have two georedundant...
20 May 2013
Regarding Cloud Security and Data Sovereignty
There are two primary concerns for governments and organisations in Australia when considering taking advantage of Cloud Computing. #1: Security, #2: Data Sovereignty. While these are legitimate concerns, they are largely misunderstood and surrounded by Fear, Uncertainty and Doubt (FUD). We need...
30 Jan 2012
Cloud As a Security Layer–#Winning
I’ve often been a proponent of thinking of Cloud based computing as a security layer between you and the bad guys. It seems the US Department of Defense agrees with me. http://techinsider.nextgov.com/2011/03/cyber_command_shifting_to_the_cloud.php Now, by far the most common area of attack where bad...
30 Mar 2011
AU Gov blocking web based email, worth it? No.
In response to the Australian National Audit Office report ' The Protection and Security of Electronic Information Held by Australian Government Agencies ' many government agencies are talking about blocking access to web based email. Here’s the recommendation that has been lighting up the Twitterverse...
27 Mar 2011
Security Intelligence Report Vol 9 available
The latest SIR is available now from Microsoft. You can find it here: http://www.microsoft.com/security/sir/default.aspx Industry wide vulnerabilities continue their downward trend . However High Complexity vulnerabilities rose a bit ( http://www.microsoft.com/security/sir/keyfindings/default...
3 Nov 2010
Follow-up from previous SQL Injection post.
So first off, Thank you to Jim Manico for his comment on my previous post which lead me to create this post. I will includes quotes from Jim’s comment for reference here. JM : “ I think you are terribly wrong, and its important we clear this up .” No worries I appreciate your candour. Everyone...
20 Dec 2009
“there is no bigger attach vector than with a parameterized sp” NOT!!
I recently posted an article on our ACE Team blog (you can read it here if you are interested) There were a few comments about the use of Dynamic SQL that made me realise that not everyone “get’s it” yet. Here are the comments that started the discussion: Alastair Upton said: Shouldn't Rule #4 read ...
16 Dec 2009
Rules to stop bad guys
I just posted an article to our team blog about simple development rules to stop the bad guys. Head over and have a read. You can find the post on the ACE Team blog . I know it’s a repost, but sometimes it beats re-writing. ;-)
16 Dec 2009
Bitlocker Broken/Cracked… NOT!
Ok, I’ve been trying to keep my cool on this whole thing but enough is enough. A few days ago ars technica ran a hype-story called “First commercial tool to crack BitLocker arrives” (no, I’m not going to link to it because they don’t deserve the traffic IMHO) The claim is that Passware has created a...
12 Dec 2009
Trusting Web 2.0 – NOT!
Yesterday, I did a presentation at a customer site for their lunch time security talks. It was about Web 2.0 and protecting yourself online. One of the things I mentioned in my talk was how much people are trusting, blindly, what they see on the social internet. For example, most of you reading this...
3 Dec 2009
You can’t hide from Shodan
I was looking for cool security stuff on the Internet as I do, and I came across this story The Futility of Security By Obscurity on Dark Reading that pointed me to this online search engine called Shodan created by John Matherly . Shodan is an online search engine for computers. Not news, tweets, blogs...
1 Dec 2009
Security Features vs Security Bugs
Several times when I've been talking with customers about implementing an SDL, or what they should be doing to secure their in-house developed applications, I get asked a similar branch of questions. · Why do we need to review the design if we review the code? · Why do we need to scan the code, if we...
21 Jul 2009
Finally, answers on the Web – Bing
Bing and the world Bing’s with you, Search and you Google alone… I must admit I wasn’t a real huge fan of the search results that I got with Live. But I think someone was listening. We introduced Bing to the world and I have to tell ya, it’s all it’s cracked up to be and more. I love the instant...
11 Jun 2009
The Storm is Rising
Catchy title huh? But what do I mean by that. Hackers take advantage of this kind of chaos, are you ready? You know when your grandma told you to save your pennies for a rainy day, well the rain is here…a lot of it. In case you hadn’t noticed, a large portion of the civilised world is in the deepest...
2 Feb 2009
The Vicious cycle
In the IT Security area there seems to be this lack of belief in the old adage, It Can Happen To Anyone . Normally, before a company will get off their collective butts and do anything about their software security, they have to experience an incident. There are all sorts of cliche's we can put here...
2 May 2007
MS Anti-Cross Site Scripting Library 1.5 Available
Many applications today have several common security problems. SQL Injection, poor authentication and authorization, and Cross Site Scripting (XSS) vulnerabilities. The faster and more conssitently we can address these problems the better the security of our application is. Microsoft has released...
20 Nov 2006
ACE Threat Modeling Links
I've been asked several times where to get the new ACE Threat Analysis and Modeling tool. You can find this and more information about ACE Services here: http://msdn2.microsoft.com/en-us/security/aa570413.aspx Have a look. We're working on getting V2.1 of the tool released. It will be posted there...
2 Nov 2006
Can we get something for nothing?
A lot of the time when I'm presenting or discussing implementing a Secure Development Lifecycle (SDL) with clients the same question pops up. 'How much is this going to slow us down?' Well to be honest, you can't insert anything into a Software Development Life Cycle (SDLC) without adding some time or...
10 Sep 2006
Page 1 of 1 (19 items)
© 2015 Microsoft Corporation.
Privacy & Cookies