Watch free on-demand recordings of Mark’s top-rated presentations from TechEd, BUILD and other conferences on Azure, security, Windows troubleshooting, malware hunting. If you have a question about a topic in any of these webcasts, please visit the Sysinternals Forum for answers and help from other users and our moderators.
The Case of the Unexplained 2014
The Case of the Unexplained 2013
The Case of the Unexplained 2012
The Case of the Unexplained 2011
The Case of the Unexplained 2010
Mark’s “The Case of…” blog posts come alive in these recorded webcasts of his #1-rated TechEd sessions. Learn how to troubleshoot the toughest Windows and application problems by watching Mark use Sysinternals and other advanced tools to solve real-world examples. Be sure to check out all webcasts since they include totally different troubleshooting examples and demonstrate different techniques.
Learn about ways to integrate with Azure Resource Manager (ARM) to enable role-based access control (RBAC), tagging, and template-based deployments, and how Windows containers with Docker compatibility make your code deploy instantly and work consistently in any environment. Also learn how Service Fabric, Microsoft’s hyper-scale micro-service PaaS that powers everything from Azure DB to Cortana, brings applications state-of-the art high-density, high availability and stateful computing capabilities.
Join Mark Russinovich and Mark Minasi for a lively discussion as they share their views on the cloud computing disruption and what it means for IT pros and developers. Mark Russinovich brings his perspective from leading Microsoft Azure architecture and Mark Minasi brings his IT expertise and view from outside.
The rise of public cloud computing has brought with it a new set of security considerations that are not widely understood. With a unique perspective from working on the security systems of a public cloud, Mark describes public cloud service provider and cloud customer threats, including malicious insiders, shared technology, data breaches, and data loss. For each, he assesses the risks and explores the value of mitigations like encryption-at-rest, encryption-in-flight, and other security best practices, separating hype from reality so that you can make educated decisions as your organization moves to the cloud.
Join Mark Russinovich and Mark Minasi for a lively discussion as they share their views on the cloud computing disruption and what it means for IT pros and developers. Mark Russinovich brings his perspective from leading Microsoft Azure architecture and Mark Minasi brings his IT expertise and view from outside. The economics of public cloud, future of PaaS and IaaS, how enterprises will bridge their on-premises environments with the cloud, how you should look at security in the public cloud, and what skills are important for IT pros and developers are just some of the areas they explore together.
This session gives an overview of the new Windows Azure infrastructure services (IaaS), including support for Windows Server and Linux persistent virtual machines, new networking capabilities for hybrid applications and on-premises/cloud connectivity, and support for applications that consist of PaaS and IaaS roles. Mark explains how IaaS fits into Windows Azure to extend existing server applications to cloud and shows demonstrations of IaaS VM deployment and complex multi-VM applications.
Mark Russinovich goes under the hood of the Microsoft datacenter operating system. Intended for developers who have already gotten their hands dirty with Windows Azure and understand its basic concepts, this session gives an inside look at the architectural design of the Windows Azure compute platform. Learn about Microsoft’s data center architecture, what goes on behind the scenes when you deploy and update a Windows Azure app and how it monitors and responds to the health of machines, its own components, and the apps it hosts.
Join Mark Russinovich for an overview of Microsoft’s new cloud OS. Assuming no prior knowledge of Windows Azure, this session will start by explaining the Windows Azure Platform-as-a-Service (PaaS) app philosophy and how it differs from that of traditional server apps. Then, demonstrating key concepts with a real Windows Azure service built and deployed to the cloud, we’ll describe the Windows Azure service model, including concepts like update and fault domains. The session will then conclude by discussing the different service update options and detail the recovery steps Windows Azure follows when it detects that a service or a hardware device has failed.
Mark Russinovich goes under the hood of Microsoft’s new cloud OS. Intended for developers who have already gotten their hands dirty with Windows Azure and understand its basic concepts, this session gives an inside look at the architectural design of Windows Azure’s compute platform. You’ll learn about Microsoft’s data center architecture, what goes on behind the scenes when you deploy and update a Windows Azure app and how it monitors and responds to the health of machines, its own components and the apps it hosts.
Mark talks about what he’s working on in the Windows Azure team, why the world is moving to the cloud, and what Platform-as-a-Service (PaaS) means and how Windows Azure delivers PaaS.
Mark, Arun Kishan and Landy Wang describe many of the core improvements to Windows that make Windows 7 more reliable, responsive, and scalable than previous versions of Windows. Learn about the kernel dispatcher lock and other parallelization, large page support, memory footprint reduction, NUMA enhancements, and more.
Tech-Ed North America 2011: Mysteries of Windows Memory Management Revealed, Part 2
If you want to know the difference between System Committed memory and Process Committed memory, wondered what all those memory numbers shown by Task Manager really mean, or want to gain insight into the memory-related impact of a process, then this talk is for you. Watch Mark in this on-demand webcast from North America 2011.
Watch as Mark explains Windows limits related to object handles, virtual memory and physical memory. Along the way he explains where the limits come from and how to monitor your applications so that you're warned when they approach the limits and so that you can size your systems to accommodate their resource requirements.
Mark takes you inside new Windows virtualization and VHD features, including live VM migration, core parking and timer coalescing, hypervisor power management support, and new hardware-assisted guest memory management. He delivers the entire presentation from a Windows installation that was booted from VHD to show you how Windows implements a native VHD stack and how the boot architecture has changed to accommodate booting from VHD images.
Mark talks about kernel changes in Windows 7 and Windows Server 2008 R2, including the removal of the scheduler's dispatcher lock, support for up to 256 CPUs, boot from VHD, MinWin, core parking for power savings and more.
In a follow-on to the previous Inside Windows 7 discussion, Mark digs into the insides of Windows 7, way deep down in the system (the culmative effects of which help to make Windows 7 Microsoft's most reliable, scalable and efficient general purpose operating system to date).
Channel 9 chats with Technical Fellow and Sysinternals founder Mark Russinovich to dig a bit into what's new in the Windows Server 2008 kernel. Of course, we talk about many things including HyperV, application virtualization, kernel architecture, and more....
Pass-the-hash transforms the breach of one machine into total compromise of infrastructure. The publication of attacks, and lack of tools to respond, have forced enterprises to rely on onerous and ineffective techniques. In this session, we deconstruct the PtH threat, show how the attack is performed, and how it can be addressed using new features and functionality recently introduced in Windows.
Mark provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. He demonstrates their malware-hunting capabilities by presenting several current, real-world malware samples and using the tools to identify and clean malware.
This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos for their malware-hunting capabilities through several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of a Stuxnet infection’s system impact.
Mark makes the case for how his hit cyberthriller, Zero Day, is likely to be realized in non-fiction form in this 20-minute short version of his well-popular RSA Conference session.
Slides from Mark’s highly-rated Blackhat US 2011 presentation on how to use the Sysinternals tools to hunt down and eliminate malware.
Check out Mark’s Channel 9 interview where he talks about how he got started with Windows internals, new security features in Windows Vista, User Account Control, and what he’s doing at Microsoft.
Episodes 1 – 12 of the Defrag Tools shows focus on Sysinternals tools. Each episode covers a specific tool used on the tech support show Defrag, covering when and why to use the tools, and providing tips on how to get the most out of them: