Hello all, this is Monty LaRue posting with some SDL related tools news. Microsoft has recently released an updated version of the Web Application Configuration Analyzer (WACA). While this tool isn’t intended to satisfy specific SDL requirements, it is valuable for performing best practices checks on your web application’s configuration. The checks span the Windows, IIS, ASP.NET, and SQL Server aspects of a deployment and are derived from standards that Microsoft uses to harden production servers. WACA is a good complement to the Attack Surface Analyzer tool which is applicable within the SDL Verification Phase.
Suggested Resolutions for Cloud Providers in 2014 #1: Reinforce that security is a shared responsibility
Happy 2014! The arrival of a new year is always a great time to reflect … Read more »
Microsoft releases new findings about viruses, spam, fraud, and spyware
Microsoft released the newest Security Intelligence Report (SIR), which focuses on trends in malicious software … Read more »
Worried about ID theft? You’re not alone
Americans are just as worried about losing personal and financial information online as they are … Read more »