Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
Do I have to pay for antivirus software?
Jo Anne writes: I received a message that said that my Microsoft security software is … Read more »
Download free security updates for June
Microsoft releases security updates on the second Tuesday of every month. The bulletin announces the … Read more »
The Threat Landscape in the Middle East – Part 2: The Palestinian Authority and Iraq
In the first part of this series on the threat landscape in the Middle East … Read more »