The Real Story on Security

There are no “silver bullets” when it comes to addressing security threats. Any sustainable solution requires quality technology, rigorous security management processes, and a comprehensive approach to addressing threats through identity management and access control.

What’s the real story on the security vulnerabilities of Windows Server and Linux?



Get more information about the Microsoft comprehensive commitment to building secure products, guidance from a variety of real-world businesses and industry experts, and best practices for hardening your IT infrastructure.

Related Case Studies

Golden Pyramids Plaza
Golden Pyramids Plaza built a more secure and reliable infrastructure by switching from its Linux-based communications and collaboration system to an integrated Microsoft solution.
Read the Case Study
City of Uppsala
Microsoft technology met the higher security requirements and provided better support than Linux.
Read the Case Study
Radioshack
Radioshack chooses Windows over Linux; improves system security and reduces exposure to the risk of intellectual property infringement claims.
Read the Case Study
Industry Research

SDL Series - Article #7: Evolution of the Microsoft Security Development Lifecycle
In this article, you will see how lessons learned over the years have fed back into the SDL to increase its effectiveness. The SDL today is the product of lessons learned across many products, over many years.
Read the Report
SDL Series - Article #6: Microsoft’s Security Response
Every vendor must plan a robust security response to use after products are released. In this article, you will see how Microsoft fixes vulnerabilities after release and works with security researchers to learn about state-of-the-art attacks.
Read the Report
SDL Series - Article #5: Microsoft's Security Toolbox
Microsoft makes heavy use of tools throughout the Security Development Lifecycle. In this article, you will see how tools assist in threat modeling, code analysis, and penetration testing.
Read the Report
SDL Series - Article #4: Threat Modeling at Microsoft
Security doesn’t start with coding; it starts with secure design. In this article, you’ll see how Microsoft uses threat modeling to ensure secure design and prevent vulnerabilities that could not be fixed with simple coding changes.
Read the Report
SDL Series - Article #3: The Microsoft Security Org Chart
This article examines how Microsoft uses defense-in-depth at an organization level to ensure that there are many opportunities to detect and remove software vulnerabilities. You’ll see how security responsibilities are assigned from individual developers, up through the global security team.
Read the Report
Hands On

Security Development Lifecycle Webcast
A proactive approach to building a successful Security Development Lifecycle (SDL) program. Topics include the benefits of SDL, best practices for adoption, and the value of industry standards.
Watch the Webcast
Data Collection and Role Collaborations Within Organizations
This paper researches perceptions of different groups of information stakeholders on how privacy and data protection risks are being managed in their organizations. The study is based on survey results collected in September 2007.
Read the Report
Microsoft Security Intelligence Report - January through June 2008
This report provides an in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software, focusing on the first half of 2008.
Read the Report
Lessons Learned from Five Years of Building More Secure Software
In the years since Bill Gates issued his memorable memo explaining the importance of building more secure software, many people across Microsoft have worked to improve the security of their products.
Read the Report
Blogs by Microsoft Security Experts

In Focus: Microsoft's SDL

Follow the quest of Kevlarr, an ordinary software developer, as he learns to find his inner super powers to build and protect a more fortified application.

Will he succeed in time for launch? Find out now!


CIO Interview
Kurt Lykins, Corporate One:
"[…]we found that interfacing a Linux-based domain controller with Windows Server® did not support the level of security that the law requires for financial institutions."

Read the Interview