Download presentation
Presentation is loading. Please wait.
Published byIlene Powell Modified over 9 years ago
1
Välkommen till Forefront Tour 2008!
3
Forefront Partners här idag
4
Gartner gillar IAG2007! Magic Quadrant for SSL VPN 3Q07
5
Magic Quadrant for Endpoint Protection Platforms, 2007 * * Magic Quadrant for Endpoint Protection Platforms, 2007. Peter Firstbrook. Publication Date: 21 December 2007 / ID Number: G00153291 Gartner gillar Forefront Client Security
6
Michael Anderberg, CISSP Acting Chief Security Advisor Blog: http://michaelanderberg.se Microsoft Sweden
7
Local Area Networks First PC virus Boot sector viruses Create notoriety or cause havoc Slow propagation 16-bit DOS Internet Era Macro viruses Script viruses Create notoriety or cause havoc Faster propagation 32-bit Windows Broadband prevalent Spyware, Spam Phishing Botnets Rootkits Financial motivation Internet wide impact 32-bit Windows Hyper jacking Peer to Peer Social engineering Application attacks Financial motivation Targeted attacks 64-bit Windows
8
Technology Process People IT is a strategic asset Users look to IT as a valued partner to enable new business initiatives IT Staff manages an efficient, controlled environment Users have the right tools, availability, and access to info IT Staff trained in best practices such as MOF, ITIL, etc. Users expect basic services from IT IT staff taxed by operational challenges Users come up with their own IT solutions Self-assessing and continuous improvement Easy, secure access to info from anywhere on Internet SLAs are linked to business objectives Clearly defined and enforced images, security, best practices Central Admin and configuration of security Standard desktop images defined, not adopted by all IT processes undefined Complexity due to localized processes and minimal central control Self provisioning and quarantine capable systems ensure compliance and high availability Automate identity and access management Automated system management Multiple directories for authentication Limited automated software distribution Patch status of desktops is unknown No unified directory for access mgmt BasicStandardizedRationalizedDynamic Improve IT Maturity while Gaining ROI $1320/PC Cost$580/PC Cost $230/PC Cost < $100/PC Cost
10
Public Policy Industry Partnerships Consumer Awareness Law Enforcement
11
www.microsoft.com/technet/security Security Tools Education and Training Security Readiness www.microsoft.com/itshowcase
12
void function(char *p) {... char buff[16]; strcpy(buff,p);... } void func(char *b1, size_t c1, char *b2, size_t c2) { const size_t MAX = 48; if (c1 + c2 > MAX) return; char * pBuff = new char[MAX]; memcpy(pBuff,b1,c1); memcpy(pBuff+c1,b2,c2); } Does the code run by default? Does that code run with elevated rights? Does have a network socket? Is it written in C/C++? Is the code in any way related to Privacy? Is the code openly available for security researchers?
13
Design Threat Modeling Standards, best practices, and tools Security PushFinal Security Review RTM and Deployment Signoff Security Response Product Inception
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.