Microsoft ‘Oxygen’ security-management platform in the works

Posted by sumeethevans on October 12 2007, 6:43 AM. Posted in Microsoft Corp.

Microsoft has hired security expert Mark Curphey, the former Chief Technology Officer of SourceClear, who is bringing with him to Microsoft the “Oxygen” security platform and security-lifecycle applications he had been developing.

Curphey is joining the company as a member of the Application, Consulting and Engineering (ACE) team. Microsoft noted Curphey’s hiring on the ACE Team Blog on October 8.

Curphey founded OWASP, the Open Web Application Project. He left FoundStone, a security consultancy purchased by McAfee in 2004, to form SourceClear. After realizing getting venture funding in the UK would be tough, Curphey said he decided to join forces with Microsoft to build the platform.

Exactly what is Oxygen? Curphey described it as “ERP for Information Security, the security management equivalent of what Visual Studio Team System is to software development or in more general terms an information security specific Governance Risk and Compliance platform.”

My interpretation: It sounds like Oxygen might take the form of security guidance and management for line-of-business apps.

I asked Microsoft for more information on how Oxygen will fit into its security line-up and when a platform like Oxygen is likely to take its first public breath. No word back so far.

Continue At Source