CloudSec

Security, Privacy, and Governance in the Cloud

Understanding Service Credits under 99.9% Service Level Agreements (SLA)

The new Microsoft Online services represent an excellent option for businesses to base all or part...

Author: alaw Date: 11/27/2008

SDL Trickle Down Theory

I just read a new article over in CSO-Online about our VP of Trustworthy Computing at Microsoft,...

Author: alaw Date: 04/28/2008

US Senate introduces strong privacy bill - YOU are accountable

This bill was introduced last year, and is making the rounds again. Some of the wording that IT...

Author: alaw Date: 02/08/2007

New Threat Analysis and Modeling (TAM) 2.1 tool released

Containing many bug fixes and some enhancements, this is a great tool for organizations who may not...

Author: alaw Date: 12/01/2006

Mono not mentioned in Novell WebCast - but it is in the FAQ

As a developer, the first thing I thought about with the Novell announcement was Mono and whether or...

Author: alaw Date: 11/03/2006

Should we say goodbye to SecureString?

Dominick over at Least Privilege makes reference to the new functionality added to HawkEye which...

Author: alaw Date: 10/27/2006

Guidance Library filled with security goodness!

The folks over at the Patterns and Practices Team have done it again with the Guidance Library -...

Author: alaw Date: 10/06/2006

Don't be a Security Nazi

I was out at a customer site last week and needed to have access to their internal corporate network...

Author: alaw Date: 10/04/2006

Two kinds of people - and the Orcas CTP as a VM!

There is an old saying out there: There are two kinds of people in the world - those who have lost...

Author: alaw Date: 10/04/2006

Problems with Vista Security in Europe

I was wondering when this issue was going to come up in the anti-trust discussions. It seems as if...

Author: alaw Date: 09/12/2006

Credit Card Companies form security council

It seems that the evolving PCI (Payment Card International) standard is getting more support with...

Author: alaw Date: 09/08/2006

Does AOL have a Secure Development LifeCycle in place?

Yet another set of headlines this week about data being leaked accidentally from internal employees....

Author: alaw Date: 08/22/2006

New Threat Modeling Tool and 'hip' video released

So everyone is talking about the new .NET 2.0 based threat modeling (Beta) that has just been...

Author: alaw Date: 03/10/2006

Changing the default membership and role provider in Visual Studio 2005

When you initially install VS2005 and start to use the default membership and role providers for...

Author: alaw Date: 02/17/2006

AJAX poses security, performance risks

With the increasing popularity of Ajax/Atlas as the new 'holy grail' of development, it easy to...

Author: alaw Date: 02/17/2006

Mike Nash responds to Slashdot Security questions

Mike Nash responds to some of the most popular questions from the SlashDot crew on the state of...

Author: alaw Date: 01/26/2006

Vista Security Love-Ins at TechReady in Seattle

I'm out at Tech Ready in Seattle and am attending as many Vista Security sessions as I can. The fact...

Author: alaw Date: 01/11/2006

Spending a Saturday at Security code camp in Reston

A beautiful, crisp, fall Saturday with plenty of sunshine and fresh air. But I chose to spend it...

Author: alaw Date: 11/02/2005

Letting SQL 2005 do they heavy work of encrypting data

Many of the developers I work with go through the pain of trying to figure out how to encrypt data...

Author: alaw Date: 10/26/2005

Security Patterns and Practices - ADO.NET 2.0

The Patterns and Practices team have come out with new guidance and best practices surrounding...

Author: alaw Date: 10/25/2005

Security Trimming in ASP.NET 2.0

Dan Sellers talks about Security Trimming in ASP.NET as a great way to easily limit access to...

Author: alaw Date: 10/18/2005

Securing WPF when running in the browser

Karen Corby has written a great article about hosting Windows Presentation Foundation in the...

Author: alaw Date: 10/18/2005

New Blog to discuss developer security for.NET

Here is a new blog I am creating in msdn to discuss topics related to developing secure code in...

Author: alaw Date: 09/28/2005