Hi everyone, Bryan here. Michael wrote a great post here on SDL-required SQL injection defense techniques in the wake of the recent mass SQL injection attacks against ASP sites. Additionally, the Security Vulnerability Research & Defense blog has just posted an analysis of the attack along with guidance recommendations for IT/database admins, web developers, and end users. Finally, if you are looking for classic ASP-specific (not ASP.NET) guidance, Bala Neerumalla has posted a detailed document on preventing SQL injection in ASP on MSDN.
The Threat Landscape in Canada
Last week I had the opportunity to speak at the Security Education Conference Toronto 2013 … Read more »
The Microsoft Security Development Lifecycle Extends Beyond Applications to Critical Infrastructure
This morning, I am sitting at the inaugural Security Development Conference 2012 in Washington DC … Read more »
Watch out for fake security software
One of the most common ways for cybercriminals to steal money from people is through … Read more »