Welcome to MSDN Blogs Sign in | Join | Help

News

  • This blog is provided "AS IS" with no warranties, and confers no rights. Opinions are not necessarily of Microsoft. You can contact the Application Consulting & Engineering Team (ACE Team) by leaving comments, clicking on Contact or Emailing us.

March 2006 - Posts

Risk Management in Information Security
So you’ve found some kind of security issue in an application, now what? In many organizations, the security team is either very demanding “this must be fixed” or has no enforcement capability at all “please fix this”. At Microsoft IT, we take a balanced Read More...
Posted: Monday, March 27, 2006 11:44 AM by ACE Team | 4 Comments
Filed under:
What’s the difference between IOSEC and the Microsoft Anti-Cross Site Scripting Library?
Some users who have been using IOSEC, our internal library for defending against cross-site scripting (XSS) attacks, may be wondering what’s the difference between that library and the Microsoft Anti-Cross Site Scripting Library V1.0 at http://www.microsoft.com/downloads/details.aspx?FamilyID=9A2B9C92-7AD9-496C-9A89-AF08DE2E5982&displaylang=en Read More...
Posted: Sunday, March 19, 2006 1:41 AM by ACE Team | 9 Comments
Filed under: ,
ACE Team Tools and Libraries Part I - IOSEC
Update [3/16/06, 4:56PM] There has been some confusion between what IOSEC does and what the Microsoft Anti-Cross Site Scripting Library does (linked to below). The Anti-XSS library currently has a subset of the functionality of IOSEC. Over the coming Read More...
Posted: Monday, March 13, 2006 12:37 PM by ACE Team | 10 Comments
Filed under: ,
Page view tracker