Password1, Password2, Password3 no more: Microsoft drops password expiration rec

For years, Microsoft's baseline security policy has expired passwords after 60 days.

The top five vulnerabilities that could lead to a cyberattack

Have you ever wondered how devastating a cyberattack could be for your enterprise? A recent study by Poneman determined that the average cost of&

Data Breaches: All Your Fault

One part of my job is to understand the compliance landscape. This means that I read a lot about the GDPR and related similar laws. I also have to...

Security Scar Tissue Can Make Organizations Smarter and Stronger

IT pros slammed again and again by security breaches can become desensitized--or they can gain strength from the experiences.

Stop a Login

Securing Code Early

Last year I started to get alerts from Microsoft Repos that someone had put a piece of security information in their code that pertained to one of my Azure services. At first I was worried, but then I realized this was the public version of AdventureWorks we maintain in Azure. We've published the login so […]

Renaming a login

Microsoft's Cloud Email Breach Is a Cause for Concern

NEWS ANALYSIS: Potentially millions of Microsoft email users on Outlook, Hotmail and MSN mail had their email information exposed after a Microsoft support person was breached, exposing a wider...

Microsoft Adds Single Sign-On to Azure

The latest update to Microsoft's Azure AppFabric cloud-computing platform includes support for a harmonized online identity with single sign-on support for multiple credential providers.

Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild

Does your web application make use of local storage? If so, then like many developers you may well be making the assumption that when you read from local storage,...