Hi, I’m Austin Wilson, Director of Product Management for Windows Vista security.   Our first focus for Windows Vista security is engineering the operating system for security.   Windows Vista is the first Windows client release to be developed end to end using the Security Development Lifecycle (SDL), detailed in this new book by Michael Howard and Steve Lipner . One important part of SDL is doing feature and threat model reviews, penetration testing , and code audits to find potential security issues before we ship.  We’ve had a significant focus on this throughout the product lifecycle using both Microsoft employees and external security researchers to do this testing.    We would like to thank these firms that have helped us do security testing of Windows Vista and acknowledge their assistance in helping us make Windows Vista more secure.  These firms are:



If you’re headed to the BlackHat Conference in Las Vegas next week, be sure to stop by and say hello.  We’ll have five different sessions related to Windows Vista security and we’ll have a booth as well.   Representatives and researchers from many of these security firms will also be attending BlackHat.  We’ll be giving away the latest Windows Vista July EDW DVDs at the booth.  We hope to see you there.