Perimeter
5/14/2010
01:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Microsoft Security In 140 Characters Or Less

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.My interview with Chirapurath, senior director of Microsoft's identity and security business group, via Twitter last week was fun, interesting, and frustrating -- all at the same time. I'd never conducted a twitterview before, so this was a refreshing change of venue. JG deftly condensed his responses into bite-sized answers -- some that provided insight into Microsoft's strategies, and others that left me wishing I had more than the 30 minutes we had allotted (lesson learned) so I could drill down more on some of the topics.

And the natural Twitter-time lag time between my tweeted questions and his tweeted responses felt like dead-air moments in a television interview.

But one thing I learned from the twitterview format is that while it limits the verbiage, it doesn't leave much room for marketing speak, and its informality makes it a little more personal. It forces stripped-down responses that cut to the chase.

Aside from not carving out enough time for the twitterview, another mistake I made was forgetting to address JG at his Twitter account, @MS_Forefront, in my first few tweets. Anyway, I'm open to any suggestions to improve the experience, so feel free to hit me with some ideas @DarkReading.

Will Dark Reading twitterview again? Absolutely.

Anyway, in case you missed it or want a recap, here's a "twitterscript" of the interview last week:

DarkReading Kelly Jackson Higgins here for Dark Reading, with JG Chirapurath, sr director of Microsoft's ID & security biz grp. Hi JG. #MSFTtweet 2:30 PM May 6th via web

DarkReading Welcome everyone to our twitterview. #MSFTtweet 2:32 PM May 6th via web

DarkReading JG, are you ready to start? #MSFTtweet 2:33 PM May 6th via web

MS_Forefront @DarkReading ready when you are ... I feel 140 charac pithy this AM ^JGC 2:35 PM May 6th via CoTweet

DarkReading Great. What struck me among the anncmnts yesterday by MSFT was the support for 5 different vendor AV engines. Why multivendor? #MSFTtweet 2:37 PM May 6th via web

DarkReading (and feel free to go over 140--I'll remain pithy) .;-) #MSFTtweet 2:37 PM May 6th via web

MS_Forefront@DarkReading - Multivendor coz no one vendor can catch or see all the threats out there. This is the way to go #MSFTtweet 2:39 PM May 6th via CoTweet

DarkReadingWill we see more of this mulitivendor strategy by MSFT in other products? If so, can you say which ones? #MSFTtweet 2:40 PM May 6th via web

MS_Forefront @DarkReading 4 sure in the sec. FPE/FOPE already uses it. TMG uses cloud with info from industry to enable web filtering. ^JGC #MSFTtweet 2:42 PM May 6th via CoTweet

DarkReadingThere's been a lot of discussion of the future of signature-based scanning. How does MSFT see the role of signatures evolving? #MSFTtweet 2:45 PM May 6th via web

MS_Forefront@DarkReading There's always a role for it but the key trend is aggregating thrt int - we vendors have to work 2gether better ^JGC #MSFTtweet 2:48 PM May 6th via CoTweet

DarkReadingOne of our readers asks what advantage is of Forefront Protection for SharePoint 2010 --doesn't it rely (mainly) on signatures? #MSFTtweet 2:49 PM May 6th via web

MS_Forefront@DarkReading 3 thngs. Deep integ w/ SP2010 & BPOS.Prvnts users from up/dwnldng infect docs. Multiengines. Ups the game IMHO ^JGC #MSFTtweet 2:53 PM May 6th via CoTweet

@MS_Forefront How does the new Active Directory FS 2.0 work with CardSpace, and how will it with CardSpace 2.0? #MSFTtweet 2:55 PM May 6th via web

MS_Forefront@DarkReading we're delivering a Cardspace CTP that enables released ADFS 2.0 in WinServer to issue InfoCards ^JGC #MSFTtweet 3:00 PM May 6th via CoTweet

DarkReading@MS_Forefront (Shifting gears a bit here): What is the status of the U-Prove crypto technology MSFT announced at the RSA con? #MSFTtweet 3:03 PM May 6th via web

MS_Forefront@DarkReading - cntng to invest. Rlsd CTP @ RSA int U-Prove with ADFS, WIF. Rlsd a 2nd spec via OSP dscrbng int using WS* & InfoCards. ^JGC 3:08 PM May 6th via CoTweet

MS_Forefront @DarkReading - Got to run. Thanks very much. This was a lot of fun. Let's do this again soon. ^JGC #MSFTtweet 3:09 PM May 6th via CoTweet

DarkReading@MS_Forefront Thank you for your time, JG. We'll have to carve out more time next time. #MSFTtweet 3:11 PM May 6th via web

-- Kelly Jackson Higgins, Senior Editor, Dark Reading Follow Kelly (@kjhiggins) on Twitter: http://twitter.com/kjhiggins Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.