Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
President of France not immune to online theft
According to the Associated Press, French police said that in October of this year they arrested two … Read more »
Trustworthy Computing’s 10 Year Milestone – Reflecting on Humble Beginnings
January marks the ten year milestone of Bill Gates’ memo on Trustworthy Computing. When I … Read more »
Upgrade to Internet Explorer 8 to help protect your computer
Microsoft has determined that one of the technologies used in the recent criminal attacks against … Read more »