Browse by Tags
As we all know, IE8 is coming out soon (Beta 2 is already released) and one of the major performance changes in IE8 is opening up to 6 concurrent connections per host, comparing to only 2 in IE7. So, the question is: Does VSTS have IE8? And if it does,
Read More...
Sometimes it’s beneficial to run load test simulating IE cache. For example, if application is used frequently by repeated users, or if project team wants to set up production monitoring system that measures user experience with cache. There are two places
Read More...
In .NET 2.0 the property .EnableDecompression was added which will allow you to use IIS 6 Native Compression in your smart client application. The following article explains how to implement compression in your application and how to configure IIS 6 to
Read More...
This post shares case studies of high CPU utilization of ASP.NET web sites. High CPU utilization was caused by lack of batch compilation, multiple folders, and use of XmlSerializer. In all cases the result was high CPU and poor performance; the symptom
Read More...
Last week while feeding my caffeine addiction I came across an article in the New York Times titled Can’t Find a Parking Spot? Check Smartphone . In order to reduce traffic congestion and fuel consumption, the city of San Francisco is implementing
Read More...
"The hardest thing of all is to find a black cat in a dark room, especially if there is no cat." – Confucius Security code inspections is sort of searching in the dark. However, security vulnerabilities in many cases* are recurrent anti-patterns
Read More...
Several enterprises are increasingly investing time and money in building application security tasks into their existing SDLCs. Some of them have also reached the conclusion that proactive approaches , like threat modeling, have more ROI than reactive
Read More...
After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my customer jumped up and exclaimed, " Great!! Now where do I find another 20 people like these?" (pointing to my team)... I thought about it a
Read More...
Technorati Tags: Conference , SDLC , SDL , IT , ISV I will be discussing Microsoft IT's approach to secure application development, with a special focus on how we integrate security into the IT line-of-business SDLC, in a webcast this Thursday May 29th.
Read More...
Threat Modeling is no longer the obscure magic is used to be. With the creation of tools like the Threat Analysis and Modeling tool from the ACE Team, Threat Modeling is now easier to implement, faster and more comprehensive. Threat Modeling is
Read More...
This is a link to an article I recently published through InterGovWorld.com in Canada. http://www.intergovworld.com/article/de76c0610a0104080164a05db0878ff1/pg1.htm Todd Kutzke
Read More...
The other day I was subject to the assertion that the only asset an IT security organizations should care about is data. Now being in the application security business, I should have been jumping at this validation but couldn't. The IT security org needs
Read More...
Now that you've decided (or battled) to set up an application security program you realize that it actually needs to get funded. You must master the art of delicately drinking from the fire hydrant of line of business applications. In my experience
Read More...
I will be speaking at the Front Range OWASP Conference (FROCo8) in Denver on June 10th. The focus of the conference to share the experiences that the speakers had around solving technical and management issues surrounding application security. I'll be
Read More...
Large enterprises tend to have a number of line of business (LOB) applications supporting business operations. It becomes key for an application security program to help the organization manage the risk posed by each of these applications.Applications
Read More...
