Browse by Tags

Tagged Content List
  • Blog Post: [Network World] Microsoft juices Visual Studio with secure coding tools

    At the Black Hat Conference taking place in Washington, D.C., Microsoft said it will deepen ties between its Visual Studio development tools and the secure applications development processes first developed inside the company and now available to outsiders. Read the full story…
  • Blog Post: Security Guidance: Security Development Lifecycle (SDL) - Version 4.1a

    As part of its commitment to a more secure and trustworthy computing ecosystem, Microsoft releases the SDL process guidance 4.1a. IT policy makers and software development organizations can leverage this content to enhance and inform their own software security and privacy assurance programs. The Microsoft...
  • Blog Post: [Sydney Herald] Microsoft raises cloud computing concerns

    Microsoft released a "white paper" on the issue in conjunction with an International Conference of Data Protection and Privacy in Madrid. "We want to take the initiative in regard to our position on privacy in the cloud," Microsoft senior director of privacy strategy Brendon Lynch...
  • Blog Post: [NetworkWorld] Federated Identity: Active Directory Federation Services Interoperable with SAML 2.0 Implementations

    Microsoft's federated identity platform passed its first SAML 2.0 interoperability test with favorable marks, signaling the end to the vendor's standoff against the protocol. Read full story…
  • Blog Post: Security Verification: BinScope Binary Analyzer

    The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.  BinScope checks that SDL-required compiler/linker flags are being set, strong...
  • Blog Post: Security Testing: MiniFuzz File Fuzzer

    MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected application behaviors...
  • Blog Post: [CIO] Five Lessons from Microsoft on Cloud Security

    The software titan reviewed its security approach to cloud computing and developed new strategies. Here's what one Microsoft cloud expert says he's learned. Discuss risk with customers. The security of cloud services worries many customers, and it should. Pay attention to compliance. Larger enterprise...
  • Blog Post: [NSS Labs] Internet Explorer 8 rated tops against malware and phishing attacks

    NSS Labs performs recurring, standardized testing of web browser security. This includes rating protection against socially engineered malware and phishing attacks. The results are based upon empirically validated evidence gathered by NSS Labs during continuous 24x7 testing against fresh, live malicious...
  • Blog Post: Security Threats: Code Analysis Tool .NET (CAT.NET) Preview

    CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection. The tool can function as a plug-in for Visual Studio 2005/2008, FxCop custom...
  • Blog Post: Security Guidance

    As part of its commitment to a more secure and trustworthy computing ecosystem, Microsoft releases the SDL process guidance v4.1. IT policy makers and software development organizations can leverage this content to enhance and inform their own software security and privacy assurance programs. Get the...
  • Blog Post: Threat Modeling Tool 3.1

    This tool allows non-security subject matter experts (SMEs) to enter already known information, including business requirements and application architecture which can then produce a feature-rich threat model. Get the tool…
  • Blog Post: Application Building Blocks: Enterprise Library 4.1

    The Microsoft Enterprise Library is a collection of application blocks designed to assist developers with common enterprise development challenges. Application blocks are a type of guidance, provided as source code that can be used "as is," extended, or modified by developers to use on enterprise development...
  • Blog Post: FxCop 1.36

    FxCop is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements . FxCop is intended for class library developers. However...
Page 1 of 1 (13 items)