SEARCH RESULTS
 
Showing 1-10 of 21 records
 

Show 006 - An Interview with Michael Howard

2006-09-28 20:11:47 by rmacmich in The Silver Bullet Security Podcast
...Howard, the Senior Security Program Manager of Microsoft's Security Technology Unit. Michael has been at Microsoft since 1992 and discusses what it has been like watching the company come to grips with software security. Michael continues to play a key role in implementing the Trustworthy Computing Initiative at Microsoft. Gary and Michael...
 
 
 
 
 

Poor security quality in software. Someone is watching over me.

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...Howard Schmidt about the vulnerabilities in purchased software while Howard was waiting on line to have his iPhone upgraded Howard Schmidt, who was once the CSO of Microsoft, knows a thing or two about vendors shipping insecure software. He offers this advice relating to his iPhone, Just because a piece of software was distributed through...
 
 
 
 
 

Poor Security Quality In Software; Someone Is Watching Over Me

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...Howard Schmidt about the vulnerabilities in purchased software while Howard was waiting on line to have his iPhone upgraded Howard Schmidt, who was once the CSO of Microsoft, knows a thing or two about vendors shipping insecure software. He offers this advice relating to his iPhone, Just because a piece of software was distributed through...
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...Howard has pointed out before, we do our best to ensure that the SDL incorporates lessons learned from vulnerabilities that required us to release security updates. It turns out that the animated cursor bug patched in MS07-017 had a positive impact on the automatic triaging our fuzz testing tools perform. In this post, I'd like to shed some...
 
 
 
 
 

Fortify Documentary

2008-01-11 17:24:34 by RSnake in ha.ckers.org web application security lab
 
...Howard Schmidt (ex cyber security czar for the United States, who replaced Richard Clarke), We should never ever ever be so arrogant to think that we're not a potential victim or our data has not been compromised or that there's not some adversary out there that's just as smart if not smarter than we are who won't be able to compromise that data....
 
 
 
 
 

700,000 records on stolen CCB server

2008-04-22 14:57:38 by Evan Francen in The Breach Blog
...Howard Alig MD, Howard Regional Health System, Indiana Radiology Partners, Indiana Spine Group, Indiana General Surgery, Indiana Medical Network, Indpls Neurosurgical Group, Internal Medicine Plus, JCB Anesthesia & Pain Mgt, Jeffrey Stevens DPM, Jennifer Siegel DDS, JMH Health Affiliates, John Jackson DC, John Norris MD, Johnson Co...
 
 
 
 
 

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle
 
...Howard discussed in his post on security metrics, trying to objectively quantify and measure "How secure is secure" is far more difficult than one might think. I'd like to share my perspective that there are two dimensions useful to consider when characterizing software security metrics: security functional requirements and security engineering...
 
 
 
 
 

Microsoft Security Elves

2007-12-18 00:00:32 by jrjones in Jeff Jones Security Blog
...Howard, Vinny Gullotto and Mike Reavey. Here is a snapshot from the video - you can also click on this picture to see the whole thing. Best wishes during this Holiday Season. Jeff
 
 
 
 
 

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle
 
...Howard and Shawn Hernan did an analysis of our bulletins and some CERT and CVE data. Their goal was to validate work they'd done on threat trees. (Covered in the SDL book.) They were looking for classes of things that would cause us to ship updates. That's tremendously important, so I'll repeat it. They were looking for classes of things that...
 
 
 
 
 

Who Are the Information Security Experts?

2008-02-13 19:12:03 by Chris Wysopal in Zero in a bit
 
...Howard, Microsoft HD Moore, Metasploit Dave Aitel, Immunity Bronwen Matthews, Microsoft John Pescatore, Gartner Rob Thomas and Team Cymru Stefan Esser, Hardened PHP Project I don't see any SPI Dynamics or HP people on this arguably less biased list. I do see 3 of my former colleagues from @stake: Dave Aitel, Dino Dai Zovi, and Window Snyder....