On Disingenuous Analysis and Transparency

So, I am perusing security blogs this weekend and I read this interesting entry by Mark Cox of Red Hat about transparency where he says “…the Microsoft PR engine has been churning out disingenuous articles and doing demonstrations based on vulnerability count comparisons.”    In general, I think Mark’s a good guy with a hard job, doing the best he can to be open and transparent.  In my opionion, his team … Read more »

Microsoft and Security

As my first content-ful blog topic, I want to digress a little and talk about security and Microsoft and my own opinions on how both relate.  After all, I work at Microsoft as a Director in the Security group and my blog is a Microsoft technet blog.  I imagine that it might be helpful in future discussions if I articulate certain opinions and assumptions that help form the context for my personal viewpoint.  I … Read more »

Obligatory Introduction and Welcome

After waffling and talking about it for a long time, I’ve finally started my security blog.  As with any new adventure, I should pause for a few solemn moments and reflect upon how I reached this point of our story. I’m a Hoosier born and bred, from the southern part of the state, though I haven’t lived there in 20 years.  I’m a Purdue and later USC grad in computer engineering. … Read more »