ACE Team - Security, Performance & Privacy : November 2008

News

This blog is provided "AS IS" with no warranties, and confers no rights. Opinions are not necessarily of Microsoft. You can contact the Application Consulting & Engineering Team (ACE Team) by leaving comments, clicking on Contact or Emailing us.

ACE Team's personal blogs

Performance

Performance Testing Microsoft® .NET Web Applications (book)

Security

November 2008 - Posts

Vulnerabilities in Web Applications due to improper use of Crypto – Part 2

Continuing with my last post on vulnerabilities in web applications due improper use of crypto, lets look at what might happen if you reuse an internal method for encrypting data. Consider a web application that needs to encrypt an application cookie. Read More...

Posted: Saturday, November 29, 2008 12:30 AM by ACE Team | 3 Comments

Filed under: Security, cryptography

Vulnerabilities in Web Applications due to improper use of Crypto – Part 1

Cryptography is used often in web applications. Web sites that use cookie based authentication encrypt and sign the authentication cookie. Query strings are sometimes encrypted to prevent manipulation and also to pass sensitive data from one page to another. Read More...

Posted: Thursday, November 13, 2008 7:52 AM by ACE Team | 4 Comments

Filed under: Security, cryptography

Disk Partition Alignment (Sector Alignment): Part I: Slide Deck

Disk partition alignment is a best practice . Now that SQL Server wait stats are formally documented & DMVs are available, disk partition alignment may be the best-kept secret related to SQL Server performance optimization. In combination with stripe Read More...

Posted: Tuesday, November 04, 2008 5:17 PM by ACE Team | 1 Comments

Filed under: Performance, SQL Server

ACE Team - Security, Performance & Privacy

Recent Posts

Tags