微软安全开发生命周期(SDL)在关键基础设施保护领域得到应用

http://blogs.technet.com/b/twcchina/archive/2012/05/23/sdl.aspx

2012信息安全论坛暨科技展总结

http://blogs.technet.com/b/twcchina/archive/2012/03/30/3489276.aspx

很详很详的解

http://blogs.technet.com/b/twcchina/archive/2012/05/07/mapp.aspx

新浪微博：http://weibo.com/microsofttwc

腾讯微博：http://t.qq.com/MicrosoftTwC

博客：http://blogs.technet.com/b/twcchina

欢迎收听、转发、顶起，谢谢！

有很多朋友问我的blog怎么不更新了，一是人懒，二是现在大家都微weibo了。

我也搞了个weibo：http://weibo.com/secway

占个关键字，这东西现在太火爆了。秒杀什么SNS - 开心 人人，有木有？

新工具，扫扫看自己的软件有啥问题

The Attack Surface Analyzer beta is a Microsoft verification tool now available for ISVs and IT professionals to highlight the changes in system state, runtime parameters and securable objects on the Windows operating system. This analysis helps developers, testers and IT professionals identify increases in the attack surface caused by installing applications on a machine.

Microsoft Attack Surface Analyzer

祝大家新的十年各有所成！

--“未来，总在想象之外”

Intel 76.8亿美金收购McAfee

恭喜kq,dm, vessial, shocker等一票人！

Intel to buy McAfee in $7.68 billion deal

Experimental Security Analysis of a Modern Automobile PDF

Security and Privacy Vulnerabilities of In-Car Wireless Networks PDF

Blog: Hacking Cars Through Wireless Tire-Pressure Sensors

准确地说，收购ing...

HP buying cyber security firm Fortify Software

PALO ALTO, Calif. -- Hewlett-Packard Co. says it is buying Fortify Software to beef up its cyber security offerings.

The company did not disclose financial terms of the buyout Tuesday.

Fortify is a privately held company based in San Mateo, Calif. It helps businesses identify an

Microsoft SDL团队发布了一篇Paper阐述SDL中的软件安全培训

Essential Software Security Training for the Microsoft SDL，下载

包括如下内容：

1. Overviews of Software Security Training: purpose, goals, and characteristics

2. A description of the Microsoft SDL core training courses,

3. Descriptions of advanced training content and topics

A Roadmap for Cybersecurity Research

1. Scalable trustworthy systems (including system architectures and requisite development methodology)
2. Enterprise-level metrics (including measures of overall system trustworthiness)
3. System evaluation life cycle (including approaches for sufficient assurance)
4. Combating insider threats
5. Combating malware and botnets
6. Global-scale identity management
7. Surviv

新浪财经讯 北京时间7月8日晚间，波音公布了近几周来第二桩收购交易：收购防范计算机被攻击软件开发商Narus。

　　Narus将成为波音军工业务麾下网络和空间系统部门的一个全资子公司。Narus还从事智能电力网项目的开发，这将有助于波音保护内部电脑网络。

　　Narus是一家未上市公司，总部位于加州Sunnyvale，目前雇有约150名员工。今天波音未透露交易的细节，仅表示预计收购将在今年第三季度内完成。

　　上周波音宣布，将以约7.75亿美元的价格收购战争工程公司Argon。Argon的总部位于弗

通过转贴占领关键词：McAfee reveals Security-as-a-Service strategy

http://malware.cbronline.com/news/mcafee_reveals_securityasaservice_strategy_090720