Skip to main content

Information Security

A community of information security resources.

The Microsoft IT’s Information Security (InfoSec) group is responsible for information security risk management at Microsoft. We concentrate on information protection as well as enterprise business continuity planning. Our mission is to accelerate secure and reliable business for Microsoft, partners and customers. InfoSec is comprised of professionals of various disciplines including architects, developers, program managers, technologists and analysts.

  Featured Stories

Kevin Harris Technical Dependency Analysis

Each technical layer needs to have its own recovery time objective.

Tom Easthope Business Continuity Management

The goal should be to create and maintain operational resiliency.

Tom Easthope Using the Business Impact Analysis

Provides qualitative & quantitative measures in the event of a disruption.

Maqbool Malik CAT.NET Configuration Analysis Engine

A significant update in v2.0 with the goal to identify vulnerabilities at all layers.

More Channel 9 Videos >
More Edge Videos >


Security Tools Blog How to Run CAT.NET 2.0 CTP

This new version includes a command line tool for now; learn how to use it.

Security Tools Blog How to Configure WPL 1.0 SRE

It now includes a SQL Injection Detection module, learn how to configure SRE.

InfoSec Blog InfoSec's A&P

The suite is made up of a technology stack of protection & assessment tools.

Security Tools Blog New Versions for Security Tools

3 new Community Tech Previews (CTP) for web developers ready for download!

ACE Team Blog Dogfooding: Product Influence

Looking at what risk might look like in the future is key.

How-Do-I Videos & Webcasts

How-Do-I How to Use the Web Protection Library

New! Known as Anti-XSS Library, a CSS encoding sample & SRE demo is shown.

How-Do-I Identify & Fix Config Issues with WACA

New! Quick demo of a scanned machine, explanation of results and mapping to TFS.

Events & Webcasts Detecting & Mitigating Using CAT.NET

New! Thur, Feb 25, 2010 1:00PM Pacific
Learn how the tool includes FxCop security rules among new features. Register

How-Do-I Sanitize HTML with Anti-XSS Library 3.1

This is using a new feature in the new version of the library. Learn to use it.

How-Do-I SQL Server 2008 Policy Management

Learn how this feature allows creation of policies on a SQL server instance.


ACE Services

Learn here how we can help you enable secure and reliable business for your company.