Good morning, I thought I’d start the week with a give-away of the ten Tech-Ed Conference DVD sets sitting on my desk. So, if you live in the UK and would like me to pop one in the post to you, email me your address details and the first ten to reply will get the goodies. Have a good week. Allison

Steve Lamb, our resident security evangelist, told me about this free security lecture entitled, Computer Security: What's the point! which is being held at the Institute of Engineering and Technology in Edinburgh on the evening of February 13th. Please let your security lecturers and support staff know. Claire Share this: ...

The MSDN folks have been releasing short "How to" videos over the past few months.  Recently they've released a series of "How Do I" Security videos for Developers of .NET Solutions.  They are nice and short and you can learn very simple things that you can do to make your .NET Applications (especially your web apps) ...

We have just published a whitepaper on the use of Office Open XML in Health at the address below: Using Office Open XML Formats to Support Electronic Health Records Portability and Health Industry Standards Abstract: Empowering patients and consumers to exchange Electronic Health Records securely is a big debate in the health industry across the ...

I met up with my colleague, Don Armstrong, the person in Microsoft that leads our efforts around the Government Security Program (GSP)."The GSP fosters partnerships between governments and Microsoft based on collaboration, information exchange, and a mutual trust fortified through ongoing interaction. Representatives of participating ...

This little nugget just landed in my inbox.  Thanks to Jason for putting it together! http://choosing-a-blog-url-sucks.blogspot.com/2007/04/implementing-smartcard-authentication.html -Marc

Just about every time I do an ASP.NET AJAX presentation, someone asks me about some question about AJAX security.  I always start of by saying, ''I'm not an AJAX security expert, but I will do my best to answer your specifc questions...''  Well, thanks to Joe Stagner, there are a bunch of upcoming AJAX security talks as part of the Live ...

As referenced at the 2006 PASS conference this week, the Label Security Toolkit for SQL Server 2005 can be downloaded here.  This toolkit demonstrates how to combine the capabilities of SQL Server 2005 to implement a label-based row and/or cell level security framework in an application database.  The toolkit includes a utility which ...

Jeff's posted two charts and a couple of tables that compare how the server products did vulnerability-wise for the 1st half of the year. The days of risk comparison is very interesting. The total is 12 Windows Server 2003 (rounding up) and at least 900% more for RedHat overall, for high severity Windows Server 2003 had 4 ...