Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
Challenges and Opportunities in Defining Cybersecurity Norms
Today I will speak at George Washington University on a panel discussing the development of … Read more »
Determining the Geolocation of Systems Infected with Malware
For me, one of the most interesting new bits of data included in the latest … Read more »
Automated Collective Action and a Safer More Trusted Internet
The Internet population is expected to double from over 2 billion users today to more … Read more »