KEYNOTE: Some Lessons from the Trenches by Michael Howard

Presented at AppSec USA 2012, Oct. 26, 2012, 9 a.m. (45 minutes).

During the last year, Michael has moved from working with internal Microsoft product groups, such as Windows, Xbox, Windows Azure and Visual Studio to working more closely with Microsoft customers to help them improve their secure software design and development practices. During this time he has learned a great deal about mapping internal Microsoft thinking to the "real world." In this keynote, Michael will share some of those experiences and describe some of the successful recommendations.


Presenters:

  • Michael Howard - Principal Cybersecurity Architect - Microsoft
    Michael Howard is a principal cybersecurity architect in the Public Sector Services group. Prior to that, he was a principal security program manager on the Trustworthy Computing (TwC) Group's Security Engineering team at Microsoft, where he was responsible for managing secure design, programming, and testing techniques across the company. Howard is an architect of the Security Development Lifecycle (SDL), a process for improving the security of Microsoft's software. Howard began his career with Microsoft in 1992 at the company's New Zealand office, working for the first two years with Windows and compilers on the Product Support Services team, and then with Microsoft Consulting Services, where he provided security infrastructure support to customers and assisted in the design of custom solutions and development of software. In 1997, Howard moved to the United States to work for the Windows division on Internet Information Services, Microsoft's next-generation web server, before moving to his current role in 2000. Howard is an editor of IEEE Security & Privacy, a frequent speaker at security-related conferences and he regularly publishes articles on secure coding and design, Howard is the co-author of six security books, including the award-winning Writing Secure Code, 19 Deadly Sins of Software Security, The Security Development Lifecycle, Writing Secure Code for Windows Vista and his most recent release 24 Deadly Sins of Software Security.

Links:

Similar Presentations: