Entries for Jeff Jones

MiniFuzz Overview and Demo

Jeff Jones — Wed, 16 Sep 2009 11:33:00 GMT

This brief video gives a brief overview of the MiniFuzz File Fuzzer and then walks through how to configure and use MiniFuzz to perform fuzz testing on an application. The walkthrough launches MiniFuzz as an add-on to Visual Studio and demonstrates integration with TFS, showing automatic creation of work items from detected crashes.

Download MiniFuzz here to get started with this easy to use file fuzzing tool

Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

BinScope Overview and Demo

Jeff Jones — Wed, 16 Sep 2009 11:33:00 GMT

This brief video gives a brief overview of the BinScope Binary Analyzer and then walks through how to configure and use BinScope to analyze an application within Visual Studio. The walkthrough demonstrates integration with TFS and the SDL Process Template, showing easy creation of work items from detected problems.

Download BinScope here and begin leveraging the verification capabilities of BinScope immediately

Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

SecurityGuy 002: Thomas Dawkins and MSAT Tool [SecurityGuy 002: Thomas Dawkins and MSAT Tool]

Jeff Jones — Fri, 12 Dec 2008 20:45:00 GMT

Thomas Dawkins works with me here in the Trustworthy Computing group at Microsoft and one of his key projects is the Microsoft Security Assessment Tool (MSAT). In this interview, I talk to Thomas about what got him interested in security and why he is pursuing a security career at Microsoft. We additionally discuss the MSAT and how it helps solve a commom security problem for customers - helping establish a baseline for security in their Enterprise and manage an action plan for resolutions.

in reply to SecurityGuy 002: Thomas Dawkins and MSAT Tool

1H08 Vulnerability Trends - Part 2 - Microsoft [1H08 Vulnerability Trends - Part 2 - Microsoft]

Jeff Jones — Tue, 18 Nov 2008 16:31:00 GMT

Microsoft published the Security Intelligence Report v5 last week, and as the contributor responsible for vulnerability trend analysis, I thought it would be interesting to present the information on my sections.

This second (of two) video covers Microsoft software trends for vulnerability disclosures for the first half of 2008.

in reply to 1H08 Vulnerability Trends - Part 2 - Microsoft

1H08 Vulnerability Trends - Part1 - Industry [1H08 Vulnerability Trends - Part1 - Industry]

Jeff Jones — Thu, 06 Nov 2008 21:35:00 GMT

Microsoft published the Security Intelligence Report v5 this week, and as the contributor responsible for vulnerability trend analysis, I thought it would be interesting to present the information on my sections.

This first (of two) video covers industry-wide trends for vulnerability disclosures, severity and other factors for the first half of 2008.

in reply to 1H08 Vulnerability Trends - Part1 - Industry

SecurityGuy 001 - Interview with MSRC Leader Mike Reavey

Jeff Jones — Thu, 05 Jun 2008 17:11:00 GMT

Mike Reavey is the Group Manager for the Microsoft Security Response Center (MSRC), where he has worked since joining Microsoft about five years ago. In this interview, I talk to Mike about what got him interested in security and why he is pursuing a security career at Microsoft. We additionally discuss how the MSRC interaction with customers drives change in the security response process.

Mike is a contributor to the MSRC Blog, where you can here more from the MSRC team on current security issues.

Regards ~ Jeff