March’s Security Newsletter is here and this month we are focusing on the tools that can help you better secure and manage your servers, desktops, users and more!

I talk to customers from all over the world about computer security. One of the common things I hear is that it’s difficult to articulate the return on investment (ROI) of the secure development efforts undertaken by their IT departments and development organizations. To help chief security officers, IT professionals, and developers better communicate the value of secure development, we commissioned Forrester Consulting to conduct a survey study. The study, entitled “State of Application Security: Immature Practices Fuel Inefficiencies, but Positive ROI Is Attainable,” provides insight on the current state of application security development practices and identifies key trends and market directions for application security. We hope this can be a helpful tool in your future ROI conversations.

We also have some new threat intelligence for you this month. Many of the customers I have talked to, particularly in the finance industry, have been very concerned about a threat called Zbot (a.k.a. Zeus). Win32/Zbot can be used for a variety of illicit purposes including sending spam email messages, executing distributed denial-of-service (DDoS) attacks, and distributing malware. However, its primary purpose, and the one for which it was specifically developed, is to steal financial information from infected computers. The Microsoft Malware Protection Center (MMPC) has released a special edition of the Microsoft Security Intelligence Report (SIR) called Battling the Zbot Threat to bring you up to speed on this threat and the work that the MMPC has been doing to fight it.