Tooling News: Web Application Configuration Analyzer Released

Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.

You can find more details about each of these tools on the Microsoft Download Center: Web Application Configuration Analyzer and Attack Surface Analyzer Beta.

Join the conversation

  1. Anonymous

    plese we use it and not made and it we it problm it all The sofe ware all

    and test what !!!!!!!!  Thank and myfiends  out hotmail

Comments are closed.