Microsoft’s Security Strategy

Slides:



Advertisements
Similar presentations
Patch Management Patch Management in a Windows based environment
Advertisements

Network Access Protection & Network Admission Control March 10, 2005 Teerapol Tuanpusa Network Consultant Cisco Systems Thailand Jirat Boomuang Technology.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
SAGE-AU Adelaide Windows Update Services Michael Kleef IT Pro Evangelist Microsoft Corporation Level 200.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Gabriel Fedorko Microsoft Slovakia. Evolving Security Threat Landscape Methods to Addressing Security Threats Microsoft Trustworthy Computing Addressing.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.
Norman SecureSurf Protect your users when surfing the Internet.
Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
Networks worms Denial of Service Phishing / Social Engineering BotnetsRootkits Technically-oriented social engineering attacks Cross-device attacks.
1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.
 Protect customers with more secure software  Reduce the number of vulnerabilities  Reduce the severity of vulnerabilities  Address compliance requirements.
Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.
Virtual techdays INDIA │ 9-11 February 2011 Security Discussion: Ask the Experts M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation Anirudh.
Security Development Lifecycle: Changing the Software Development Process to build in Security from the start Eric Bidstrup Ellen Cram Kowalczyk Security.
Windows Defender. What is Windows Defender? Windows Defender is a free program that helps protect your computer against pop- ups, slow performance, and.
Navigating SQL Server Lesson 3. Skills Matrix Graphical User Interface (GUI) Management Tools SQL Server Management Studio SQL Server Configuration Manager.
Security Insights: Spyware. Spyware Challenges Bombard you with ads Change system settings Collect personal information Slow down or crash computers Invade.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
May 30 th – 31 st, 2007 Chateau Laurier Ottawa. Getting it Done: Understanding the Security Features of Windows Vista Kai Axford, CISSP, MCSE-Security.
Understand Malware LESSON Security Fundamentals.
Advancing Security Progress and Commitment Stuart Okin Chief Security Advisor – Microsoft UK Delivering on security (an update on progress)
Copyright © Microsoft Corp 2006 The Security Development Lifecycle Eric Bidstrup, CISSP Group Program Manager Security Engineering and Communication.
Tim Rains Group Product Manager Microsoft Session Code: SIA101.
Delivering Assured Services John Weigelt National Technology Officer Microsoft Canada.
Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK
Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.
Securing Tomorrow’s World Microsoft Security Roadmap Ed Gibson & Steve Lamb Microsoft Ltd.
Microsoft NDA Material Adwait Joshi Sr. Technical Product Manager Microsoft Corporation.
David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA303 Donny Rose Senior Program Manager.
HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,
bitdefender virus protection
Sophos Intercept X Matt Cooke – Senior Product Marketing Manager.
Security: The Changing Threat Environment
ITMT Windows 7 Configuration Chapter 10 – Securing Windows 7
Securing Network Servers
TMG Client Protection 6NPS – Session 7.
Chapter 7: Identifying Advanced Attacks
5/15/2018 5:43 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Journey to Microsoft Secure Cloud
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Compliance with hardening standards
Security Insights: How Microsoft Secures IT
Threat Management Gateway
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Computer Worms & Viruses
Information Security Session October 24, 2005
Introduction to Systems Security
Information Security Awareness
1/1/2019 8:36 AM System Center – Datacenter Management Technology Specialist Management Produkte Microsoft Deutschland.
Implementing Client Security on Windows 2000 and Windows XP Level 150
Networking for Home and Small Businesses – Chapter 8
Securing Windows 7 Lesson 10.
Microsoft Virtual Academy
Networking for Home and Small Businesses – Chapter 8
5/12/2019 2:57 PM © Microsoft Corporation. All rights reserved.
Networking for Home and Small Businesses – Chapter 8
Microsoft Virtual Academy
Security in the Real World – Plenary Day One
Implementing Security Patch Management
In the attack index…what number is your Company?
Using Software Restriction Policies
About Us Scanster is one of the leading IT security software company. Our Software's are well integrated system that simplify computer security management.
Security Insights: Secure Messaging
Presentation transcript:

Microsoft’s Security Strategy Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, Africa detlefe@microsoft.com

Understanding the Attacker Landscape National Interest Personal Gain Personal Fame Curiosity Spy Fastest growing segment Thief Tools created by experts now used by less skilled attackers and criminals Trespasser Vandal Author Script-Kiddy Hobbyist Hacker Expert Specialist

Microsoft’s security strategy in five steps Step One: Secure the platform Designing a more resilient architecture Writing code with fewer vulnerabilities Reducing the attack surface

Software Vulnerabilties in Context Intended Behavior Actual Behavior Most Security Bugs Traditional Bugs Threat-based design and Development Investment in tools and research

Security Development Lifecycle (SDL) Requirements Design Response Security has become an integrated part of the software development process Implementation Release Verification

SDL At Work – MS03-007 The underlying DLL (NTDLL.DLL) not vulnerable Code made more conservative during Security Push Even if it were vulnerable IIS 6.0 not running by default on Windows Server 2003 Even if it were running IIS 6.0 doesn’t have WebDAV enabled by default Even if it did have WebDAV enabled Maximum URL length in IIS 6.0 is 16kb by default (>64kb needed) Even if the buffer were large enough Process halts rather than executes malicious code, due to buffer-overrun detection code (-GS) Even if there were an exploitable buffer overrun Would have occurred in w3wp.exe which is now running as ‘network service’

SDL At Work – Number of Security Bulletins 64 27 628

Microsoft’s security strategy in five steps Step Two: Improve Update Management Improve Patch Quality Unique Update Experience Rollback Facility Monthly Update Cycle Advanced Update Notification Security Advisory Tools and Management Software

“Microsoft Update” (Windows Update) Download Center Office Update VS Update Future Today AutoUpdate Windows, SQL, Exchange, Office… Windows only Windows Update Services SUS SMS Windows, SQL, Exchange, Office… Windows only Windows, SQL, Exchange, Office… http://update.microsoft.com/microsoftupdate

Microsoft’s security strategy in five steps Step Three: Active Protection Technology Windows Firewall ISA Server Anti-Virus (GeCAD, Sybari) Anti-Spyware More in planning (e.g. vulnerability assessment)

Complements traditional Antivirus technologies by providing one tool that removes prevalent viruses and worms from a PC Updated monthly to remove prevalent malware Targeted at consumers without antivirus Enterprise deployable as part of a defense-in-depth strategy Available through: Windows Update Auto Update Online interface MS Download Center Distributed to over 125M PCs

Cleaner Statistics (as of 11 March 2005) Release Days Live Executions Disinfections Value % January 28 124,613,632 239,197 0.1920% February 118,209,670 351,135 0.2970% March 5 84,013,460 149,981 0.1785% Total 61 326,836,762 740,313 0.2265% Source: Microsoft

Spyware removal reduces PC slow down, pop-up ads, and more Scheduled scans help maintain PC security and privacy Continuous protection guards 50+ ways spyware gets on a PC Intelligent alerts handle spyware based on your preferences Global SpyNet™ community helps identify new spyware Automatic signature downloads keep you up-to-date

Microsoft’s security strategy in five steps Step Four: Enabling Secure Business Scenarios Designing Secure Applications (.NET, Visual Studio 2005, Guidelines & Training) Secure Network Architectures Security Features of the Platform (e.g. Windows 2003 PKI, Windows Rights Management)

Microsoft’s security strategy in five steps Step Five: Security Eco System Training and Education Support for Industry Standards (e.g. WS Security) Partnerships (AntiVirus Alliance) Research (Microsoft Research, Sponsorship)

The Longhorn Road IE7 Least-Privilege User Administration New levels of security building on XP SP2 Stronger defenses against phishing, malware and spyware Least-Privilege User Administration Hardware based security: Secure start-up and Volume Encryption Network Access Protection Improved Management of Security Tokens Federated Identity: Infocards And much more ….

© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.