Windows Threats and Countermeasure Session

Last week I was in Brazil and I had a chance to participate in the biggest Microsoft event in Latin America, TechED Brazil. One of the sessions that I delivered there was SIA301 (more info in Portuguese in this post), where I co-presented with Alberto Oliveira, a Microsoft Forefront MVP.  We divided the session in…


From End to Edge and Beyond at TechED Brazil 2011

Here is a sample of what’s coming on Episode 9 of our Security Talk show: Interviews with: Paulo Oliveira (Microsoft Forefront MVP) – about a recent experience that he had with Windows 7 deployment and security features that his company is using. Rodrigo Immaginario (Microsoft Enterprise Security MVP) – about Direct Access, covering some aspects…


Rediscover security guidance from Microsoft Solution Accelerators

Ever wonder what happened to the security guides from Microsoft Solution Accelerators? Your go-to security guidance from Solution Accelerators hasn’t disappeared, it’s just been repackaged. The previously stand-alone Microsoft product-specific security guides are now included within the Microsoft Security Compliance Manager (SCM) tool. To simplify: Stand-alone security guides à Security Compliance Management Toolkit à Security…


Exploring the Windows Security Survival Guide - Confidentiality

Before start today’s topic I want to quickly bring awareness that the Windows Security Survival Guide is featured at April’s Microsoft Security Newsletter, more info can be found at http://technet.microsoft.com/en-us/security/dd162324 . There you find the link to the Windows Security Survival Guide in the Security Guidance section as shown below: Today we will talk about…


Exporting Certificates using CertUtil

There are many instances where you need to move a server to a new hardware. What you will carry from the old server to the new one will vary; you need to plan according to the server role in order to create your own checklist. Recently I had to move my own TMG Server to…


Exploring the Windows Security Survival Guide - Availability

Today, the Exploring Windows Security Survival Guide brings another security triad, called Availability. This is a very important element as today the vast majority of the online business can’t afford to be unavailable for too much time. But it is not only online business that can’t afford downtime; in nowadays all business are working in…


Too much rights means more risk - using standard users

When Microsoft released Windows Vista one of the features that I was more amazed from the architecture perspective was UAC. As during that time I was working at Microsoft CSS Enterprise Support I also heard the other side of the coin and heard many complaints from customers about the amount of authentication prompt. It was…


Exploring the Windows Security Survival Guide - Integrity

Last February when I wrote the Windows Security Survival Guide on the TechNet Wiki my goal was to create a document where we emphasize Windows features and functionalities that supports the security pillars of Confidentiality, Integrity and Availability. The goal of this series of blog posts that I’m going to write here is to explore…


Windows Security Survival Guide

Yesterday I post my first WiKi article, it is about Windows Security and the core Windows foundation to cover the security triad (Confidentiality, Integrity and Availability). Many IT Pros sometimes jump directly to try to hardening the system without first step back and analyze the business needs as well as how to cover the core…