Port 25: The Open Source Community at Microsoft : Security, Podcast

Network Security Interoperability: Sam talks NAP/NAC with Mark Ashida

MichaelF — Thu, 26 Oct 2006 22:13:00 GMT

On September 6, 2006 Microsoft and Cisco announced the details of a technical partnership announced in October of 2004 focused on providing interoperability between the companies' disparate network security technologies: NAC and NAP. In this interview Sam digs into the details with Mark Ashida, General Manager of the Enterprise Networking Group. They also discuss Xorp and why Mark believes his is one of the most "open" groups at Microsoft.

As part of the announcement a whitepaper with details was produced and can be found here.

Video: Network Security Interoperability: Sam talks NAP-NAC with Mark Ashida

Alternate Video Format
-Download MPEG4 Video

Black Hat US 2006: Networking & Heap Manager Updates with the Core Windows Team

jcannon — Wed, 02 Aug 2006 14:38:00 GMT

At this year's Black Hat Security Conference, several engineers on the Windows Networking & Security teams will be presenting <for the first time, ever> on a number of technical topics, ranging from the new improvements made to the reliability & performance of the OS Heap Manager, to the NetIO stack—a re-architected and re-written TCP/IP stack. Our discussion on this podcast has three distinguished engineers discussing their work with Sam, including:

Noel Anderson - Group Manager on the Windows Wireless Team (IP Stack for Bluetooth & Wi-Fi)
Adrian Marinescu - former member of the Windows Kernel team, LPC, Object Manager & Heap Manager. This past year, Adrian has focused his work on Vista's Heap Manager.
Aboldate Gbadegesin - Architect on Core Networking on Windows (TCP/IP & related protocols, tools & components)

We'll cover their respective areas of work & discuss the topics being presented at Black Hat for those that cannot attend.

Related Links:
- Direct Link to MP3

Server & Domain Isolation with Fernando Cima, Microsoft Brazil (Podcast)

jcannon — Fri, 07 Jul 2006 21:43:00 GMT

Our first podcast...

This week, Sam talks with Fernando Cima from Microsoft Brazil's Security Center of Excellence about the challenges and progress being made in securing and maintaining today's mixed network environments. More specifically, the focus in this discussion is on Server and Domain Isolution. Before Microsoft, Fernando worked for the Brazilian government, as well as with Linux and FreeBSD security projects.

- Download the MP3 Directly
- Learn more about Server and Domain Isolation.

Do many eyes make a bug shallow?

jcannon — Fri, 30 Jun 2006 18:43:00 GMT

Sam interviews Mike Howard, Senior Security PM at Microsoft around security in the operating system and how we think about & engineer security defenses into an operating system. What are the myths around security - do many eyes make a bug shallow? How do you protect and engineer against attack types that haven't been invented yet?

Video: Do many eyes make a bug shallow?

Also worth checking out: Mike just published a book - Security Development Lifecycle - that explains what the SDL looks like, how it is applied through the engineering process at Microsoft and how others can adopt & enhance their own development processes.

Related Links:
- Learn more at the upcoming Black Hat Conference on security processes - a couple folks will from MS will be presenting.
- Check our Mike's security blog.
- Check out the new Security Development Lifecycle book (Amazon)
- TechNet Security Center

Alternative Video Format:
- Download in MPEG4