1. Gabriel Fedorko Microsoft Slovakia

2. Evolving Security Threat Landscape Methods to Addressing Security Threats Microsoft Trustworthy Computing Addressing Security Threats with Microsoft Next Steps

3. Local Area Networks First PC virus Boot sector viruses Create notoriety or cause havoc Slow propagation 16-bit DOS Internet Era Macro viruses Script viruses Create notoriety or cause havoc Faster propagation 32-bit Windows Broadband prevalent Spyware, Spam Phishing Botnets Rootkits Financial motivation Internet wide impact 32-bit Windows Hyper jacking Peer to Peer Social engineering Application attacks Financial motivation Targeted attacks 64-bit Windows

4. National Interest Personal Gain Personal Fame Curiosity Undergraduate Expert Specialist Largest area by volume Largest area by $ lost Script-Kiddy Largest segment by $ spent on defense Fastest growing segment AuthorVandal Thief Spy Trespasser

5. Company understands the importance of security in the workplace Individuals know their role with security governance and compliance IT staff has the security skills and knowledge to support your business Data privacy processes to manage data effectively IT security processes to implement, manage, and govern security Financial reporting processes that include security of the business Helps turn IT into a business asset not a cost center Supports your day to day security processes Is the Enabler to running your business successfully Technology Process People

8. GIAIS VIA Public Policy Industry Partnerships Consumer Awareness Law Enforcement

9. www.microsoft.com/technet/security Security Tools Education and Training Security Readiness

10. Design Threat Modeling Standards, best practices, and tools Security PushFinal Security Review RTM and Deployment Signoff Security Response Product Inception

11. Engineering Excellence Security Development Lifecycle Engineering Excellence Security Development Lifecycle

12. Isolated Trusted Remediation Server Web Server Remote Access Gateway Infrastructure Servers Unmanaged Devices Malicious Users Trusted Home New Customer Unhealthy PC Secure Anywhere Access End-to-end security with IPv6 and IPsec Access driven by policy not topology Certificate based multi-factor authentication Health checks and remediation prior to access Policy-driven network access solutions Windows Firewall with advanced filtering Server and Domain Isolation Network Access Protection (NAP) ISA Server 2006 Intelligent Application Gateway (2007) Windows Filtering Platform

13. Authorization Manager RMS MIIS ADFS Domain/Directory Services Certificate Services Secure collaboration Easily managing multiple identities Government sponsored identities (eID) Hardware supported trust platform Disparate directories synchronization Centralized ID controls and mgmt. Embedded identity into applications Policy Governance / Compliance Role Based Permissions Identity and Data Privacy

14. Consumer/ Small Business Corporate Client Protection Server Protection Edge Protection Simple PC maintenance Anti-Virus Anti-Spyware Anti-Phishing Firewall Performance Tuning Backup and Restore Edge, server and client protection “Point to Point” Solutions Security of data at rest and in transit Mobile workforce Manageability

15. Industry Standards Web Services (WS-*) Open document format (XPS) OpenID Partner Products Network Access Protection EV Certificate support in IE7 Windows CardSpace Windows Security Center Industry Partnerships SecureIT Alliance Microsoft Security Response Alliance Interop Vendor Alliance

16. Engineering Excellence Security Development Lifecycle

17. Microsoft Security Home Page: www.microsoft.com/securitywww.microsoft.com/security Microsoft Forefront: http://www.microsoft.com/forefront/default.mspxhttp://www.microsoft.com/forefront/default.mspx General Information: Microsoft Live Safety Center: http://safety.live.comhttp://safety.live.com Microsoft Security Response Center: www.microsoft.com/security/msrcwww.microsoft.com/security/msrc Security Development Lifecycle: http://msdn.microsoft.com/security/sdlhttp://msdn.microsoft.com/security/sdl Get the Facts on Windows and Linux: www.microsoft.com/getthefactswww.microsoft.com/getthefacts Anti-Malware: Microsoft OneCare Live: https://beta.windowsonecare.comhttps://beta.windowsonecare.com Microsoft Defender (beta 2): www.microsoft.com/athome/security/spyware/software www.microsoft.com/athome/security/spyware/software Spyware Criteria: www.microsoft.com/athome/security/spyware/software/isvwww.microsoft.com/athome/security/spyware/software/isv Guidance Centers: Security Guidance Centers: www.microsoft.com/security/guidancewww.microsoft.com/security/guidance Security Guidance for IT Professionals: www.microsoft.com/technet/securitywww.microsoft.com/technet/security The Microsoft Security Developer Center: msdn.microsoft.com/securitymsdn.microsoft.com/security The Security at Home Consumer Site: www.microsoft.com/athome/securitywww.microsoft.com/athome/security

18. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.