Security > Home >  Information Security

Information Security

A community of information security resources.

The Microsoft IT’s Information Security (InfoSec) group is responsible for information security risk management at Microsoft. We concentrate on information protection as well as enterprise business continuity planning. Our mission is to accelerate secure and reliable business for Microsoft, partners and customers. InfoSec is comprised of professionals of various disciplines including architects, developers, program managers, technologists and analysts.

Featured Stories

Steven MichaloveDogfooding: Product Influence

Looking at what risk might look like in the future is key.

Don NguyenDogfooding Phase 1: Evaluating Risk

Policies need to change? Also, time for a risk assessment.

Price OdenDogfooding Phase 2: Security Features

"We assess security-related features in upcoming Microsoft products"

Mark SmithHow Microsoft IT Dogfoods

Mark explains how IT handles security in the early stages of a product.

More Channel 9 Videos >
More Edge Videos >

Recently

Security Tools BlogIntegrating Risk Tracker with HR Feeds

"A core functionality of Risk Tracker is the AuthZ component."

ACE Team BlogRisk Management in Risk Tracker

Built on CISF, it captures & tracks high level security risks to then be reduced.

Awareness Blog Series

Todd Kutzke describes the 3-pronged problem: people, process & technology.

SDL-LOB Blog Series

Follow the series to understand the process in detail. Intro, Phase 1, 2, 3, 4, 5

Anti-XSS Library 3.0 RTM

MSDN download center is updated with the new binaries. Read at the IST blog.

How-Do-I Videos

How-Do-ISanitize HTML with Anti-XSS Library 3.1

New! This is using a new feature in the new version of the library. Learn to use it.

How-Do-ISQL Server 2008 Policy Management

Learn how this feature allows creation of policies on a SQL server instance.

How-Do-IDefend from SQL Truncation Attacks

See how truncation and escaping single quotes result in a SQL injection attack.

How-Do-IUse VRTA & Netmon to Check Site Perf

Virtual Roundtrip Analyzer to check site perf and trace frames in Network Monitor.

How-Do-ICreate a Unit Test to Test a SQL SPROC

VSTS 2008 to create a unit test to test a SQL stored proc by binding a CSV file.

InfoSec Blogs

Tools

ACE Services

Learn here how we can help you enable secure and reliable business for your company.

Page view tracker