Skip to main content
Microsoft Security

Michael Howard Posts

Michael Howard
Michael Howard
Principal Security Program Manager
Visit Michael Howard on LinkedIn Visit Michael Howard on X Visit Michael Howard on X
Published
5 min read

Threat Modeling from the Front Lines 

During my first 7 years at Microsoft, I spent most of my time working on security features such as access control, authentication, cryptography and so on. The next 12 years were spent in product groups and the Security Development Lifecycle (SDL) team working on software design, development and testing practices across the company in order […]

Published
4 min read

Giving SQL Injection the Respect it Deserves 

You may have read recently about a large number of Web servers that were compromised through a SQL injection attack. The malicious SQL payload is very well designed, somewhat database schema agnostic and generic  so it could compromise as many database servers as possible. While the attack was a SQL injection attack that attacked and […]