Perimeter
5/14/2010
01:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Microsoft Security In 140 Characters Or Less

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.

When Microsoft's JG Chirapurath said he would stick to Twitter's maximum capacity of 140 characters for his responses in our twitterview last week, he wasn't kidding.My interview with Chirapurath, senior director of Microsoft's identity and security business group, via Twitter last week was fun, interesting, and frustrating -- all at the same time. I'd never conducted a twitterview before, so this was a refreshing change of venue. JG deftly condensed his responses into bite-sized answers -- some that provided insight into Microsoft's strategies, and others that left me wishing I had more than the 30 minutes we had allotted (lesson learned) so I could drill down more on some of the topics.

And the natural Twitter-time lag time between my tweeted questions and his tweeted responses felt like dead-air moments in a television interview.

But one thing I learned from the twitterview format is that while it limits the verbiage, it doesn't leave much room for marketing speak, and its informality makes it a little more personal. It forces stripped-down responses that cut to the chase.

Aside from not carving out enough time for the twitterview, another mistake I made was forgetting to address JG at his Twitter account, @MS_Forefront, in my first few tweets. Anyway, I'm open to any suggestions to improve the experience, so feel free to hit me with some ideas @DarkReading.

Will Dark Reading twitterview again? Absolutely.

Anyway, in case you missed it or want a recap, here's a "twitterscript" of the interview last week:

DarkReading Kelly Jackson Higgins here for Dark Reading, with JG Chirapurath, sr director of Microsoft's ID & security biz grp. Hi JG. #MSFTtweet 2:30 PM May 6th via web

DarkReading Welcome everyone to our twitterview. #MSFTtweet 2:32 PM May 6th via web

DarkReading JG, are you ready to start? #MSFTtweet 2:33 PM May 6th via web

MS_Forefront @DarkReading ready when you are ... I feel 140 charac pithy this AM ^JGC 2:35 PM May 6th via CoTweet

DarkReading Great. What struck me among the anncmnts yesterday by MSFT was the support for 5 different vendor AV engines. Why multivendor? #MSFTtweet 2:37 PM May 6th via web

DarkReading (and feel free to go over 140--I'll remain pithy) .;-) #MSFTtweet 2:37 PM May 6th via web

MS_Forefront@DarkReading - Multivendor coz no one vendor can catch or see all the threats out there. This is the way to go #MSFTtweet 2:39 PM May 6th via CoTweet

DarkReadingWill we see more of this mulitivendor strategy by MSFT in other products? If so, can you say which ones? #MSFTtweet 2:40 PM May 6th via web

MS_Forefront @DarkReading 4 sure in the sec. FPE/FOPE already uses it. TMG uses cloud with info from industry to enable web filtering. ^JGC #MSFTtweet 2:42 PM May 6th via CoTweet

DarkReadingThere's been a lot of discussion of the future of signature-based scanning. How does MSFT see the role of signatures evolving? #MSFTtweet 2:45 PM May 6th via web

MS_Forefront@DarkReading There's always a role for it but the key trend is aggregating thrt int - we vendors have to work 2gether better ^JGC #MSFTtweet 2:48 PM May 6th via CoTweet

DarkReadingOne of our readers asks what advantage is of Forefront Protection for SharePoint 2010 --doesn't it rely (mainly) on signatures? #MSFTtweet 2:49 PM May 6th via web

MS_Forefront@DarkReading 3 thngs. Deep integ w/ SP2010 & BPOS.Prvnts users from up/dwnldng infect docs. Multiengines. Ups the game IMHO ^JGC #MSFTtweet 2:53 PM May 6th via CoTweet

@MS_Forefront How does the new Active Directory FS 2.0 work with CardSpace, and how will it with CardSpace 2.0? #MSFTtweet 2:55 PM May 6th via web

MS_Forefront@DarkReading we're delivering a Cardspace CTP that enables released ADFS 2.0 in WinServer to issue InfoCards ^JGC #MSFTtweet 3:00 PM May 6th via CoTweet

DarkReading@MS_Forefront (Shifting gears a bit here): What is the status of the U-Prove crypto technology MSFT announced at the RSA con? #MSFTtweet 3:03 PM May 6th via web

MS_Forefront@DarkReading - cntng to invest. Rlsd CTP @ RSA int U-Prove with ADFS, WIF. Rlsd a 2nd spec via OSP dscrbng int using WS* & InfoCards. ^JGC 3:08 PM May 6th via CoTweet

MS_Forefront @DarkReading - Got to run. Thanks very much. This was a lot of fun. Let's do this again soon. ^JGC #MSFTtweet 3:09 PM May 6th via CoTweet

DarkReading@MS_Forefront Thank you for your time, JG. We'll have to carve out more time next time. #MSFTtweet 3:11 PM May 6th via web

-- Kelly Jackson Higgins, Senior Editor, Dark Reading Follow Kelly (@kjhiggins) on Twitter: http://twitter.com/kjhiggins Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5427
Published: 2015-03-29
Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read pa...

CVE-2014-5428
Published: 2015-03-29
Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integratio...

CVE-2014-9205
Published: 2015-03-29
Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data.

CVE-2015-0528
Published: 2015-03-29
The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files.

CVE-2015-0996
Published: 2015-03-29
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive info...

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.