Michael Howard on Secure by Design vs Secure by Default
Description
Michael Howard, Senior Director at Microsoft joins Nic Fillingham on this week's episode of The BlueHat Podcast. Michael shares his journey at Microsoft, starting from his early days in New Zealand as part of a small team of ten. He discusses his extensive career, his contributions to cybersecurity, and his role in the development of essential security books like "Writing Secure Code" and "The Security Development Lifecycle." Michael reflects on the importance of fundamental security principles and how they remain relevant today. He also touches on his recent move within Microsoft to John Lambert's team, where he continues to focus on security culture and education. The conversation delves into the origins of the Blue Hat conference, Michael's experiences at the first event, and the ongoing significance of secure coding practices and mitigations.
In This Episode You Will Learn:
- Critical aspects of secure software development and pivotal moments in Microsoft's security
- The importance of using specific coding constructs and libraries to improve security
- Findings on vulnerabilities that spurred significant security improvements in SQL Server
Some Questions We Ask:
- How do you deploy security patches effectively while minimizing disruptions?
- What coding constructs and compiler flags did you recommend for better security?
- How did external researchers at Blue Hat conferences impact Microsoft's culture?
Resources:
View Michael Howard on LinkedIn
View Nic Fillingham on LinkedIn
The Microsoft Azure Security Podcast
Michael Howard (@michael_howard) on X (twitter.com)
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.