Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
Security Week in Review: March 4, 2011
Trending Security News Mark this phrase – “trusted supply chain.” It is not in … Read more »
RSA Week: CSA Recognizes Microsoft’s Security Leadership
Today at RSA I’m attending the Cloud Security Alliance (CSA) summit where Scott Charney, corporate … Read more »
SMB CTO Reports on Security Management and Green IT with the Cloud
Posted by Adrienne Hall, general manager, Trustworthy Computing with special guest Bobby Jimenez, chief technology … Read more »