Assume Breach: An Inside Look at Cloud Service Provider Security

Assume Breach: An Inside Look at Cloud Service Provider Security

Great summary of Azure CTO Mark Russinovich’s presentation at the 2015 RSA conference by Rob Wright.

Azure security is split into three categories. The first is protection, which features components such as identity and access and vulnerability management. The second is detection, which includes auditing, logging, monitoring and penetration testing. And the third category is response, which involves breach containment and customer notification.

Cloud services are appealing targets for hackers and cybercriminals, according to Russinovich.

“It’s easy to get a free trial,” he said. “And once you get a free trial, you have at your disposal huge network pipes, lots of compute power, and you’ve got a concentration of vulnerable assets in the cloud, which are the other customers in that cloud.”

Microsoft looks at best — and worst — practices for Azure security (TechTarget)

Mark Russinovich’s RSA slides

Open Source for Microsoft Windows, just a mater of time

Open Source for Microsoft Windows, just a mater of time

Developers have been “hammering” on Microsoft since the early 2000s when the LAMP stack took off.  One of the reasons that LAMP flourished were complaints about performance and reliability of Internet Information Server (IIS) and the lack of API documentation for Windows 2000 and 2003.  Microsoft has seen the same problem with Internet Explorer (IE) which led to Chrome, Firefox and Safari’s domination of the consumer market.  If it weren’t for business applications tied (read “handcuffed”) to IE, Microsoft’s browser market share would be similar to the Windows Phone.  On that note, in my opinion, open source for the Windows Phone is too late. It’s a moribund OS (unless Microsoft buys a product like Xamarin).

The goods news is “there’s a new sheriff in town” (I’m dating myself with a reference to character Reggie Hammond in 48 hours).  There’s some interesting new developments and an interesting quote from the Azure CTO.

“It’s definitely possible,” Russinovich says. “It’s a new Microsoft.”

Full Story: Wired