Home
Program
Partnership
Accommodations
Sponsorship
eNewsroom
Registration
 
Michael Dunner
Investigative Consultant, Microsoft Consulting Services Law Enforcement Support Team, Microsoft, Redmond, WA
 

As an Investigative Consultant in the Microsoft Consulting Services Law Enforcement Support Team, Michael provides U.S. and International law enforcement consulting and training concerning technical investigative topics related to cyber crime. Michael brings over 10 years of computer industry experience in the areas of application development, writing secure code and designing secure features, security best practices, and computer forensics. As a Microsoft Program Manager in both the Windows Security and Office Trustworthy Computing product groups, Michael designed security features incorporated into shipped versions of Windows Vista and Office 2007. In addition, he played an instrumental role in defining and implementing the Microsoft Security Development Lifecycle (SDL) for Office 2007, which subsequently led to a drastic reduction in security vulnerabilities in the Office product. He is a co-author of two best-selling Microsoft Press titles on web application security and ASP.NET application security. Improving Web Application Security: Threats And Countermeasures and Building Secure ASP.NET Applications offer recommendations on how to design, build, and configure architecturally sound, hack-resilient Web applications. In 2007 Michael was awarded the prestigious Engineering Excellence award presented by Bill Gates. It is Microsoft’s highest award for engineering employees worldwide for individuals that have pioneered noteworthy innovations that can be used across Microsoft product lines and that significantly improves products and practices. He has four security engineering patents pending and holds degrees in Computer Science and Business Administration from West Virginia State University and City University of Seattle, respectively.

Michael’s session WINDOWS VISTA FORENSICS will offer investigators insight into the latest Windows operation system and how it can be used to recover evidence. Topics of particular focus include log files, the Windows registry, system Restore Points and the Volume Shadow Copy Service, the Recycle Bin, Encrypting File System (EFS), thumbnail cache, USB storage device analysis, Superfetch, and file system analysis. Additionally, the presentation explores new Windows Vista features which can provide evidence such as Windows BitLocker Drive Encryption and virtualization.