Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
Protect your privacy—wherever you go
Data Privacy Day is held every January to increase awareness of privacy issues in our … Read more »
Designing for High Availability in the Cloud
Three key objectives of information security are to maintain the confidentiality, integrity and availability of … Read more »
Windows Vista x64 Security – Pt 2 – Patchguard
NOTE: I know this is a long post. If you don’t want to read … Read more »