Browse by Tags

Tagged Content List
  • Blog Post: HelloSecureWorld.com Launched

    Discover the New HelloSecureWorld Security Resource www.HelloSecureWorld.com provides a powerful experience for promoting security awareness and education in the developer community by surfacing existing content as well as new. Well, If you like learning while having FUN then hellosecureworld.com...
  • Blog Post: Some technical details on how XSSDetect does Dataflow Analysis

    Hi, my name is Hassan Khan. I work for the ACE Engineering Team, which is a part of the ACE (Application Consulting & Engineering) Team . We develop tools and solutions to help secure Microsoft Line of Business applications, websites and also work with Microsoft’s enterprise customers. ACE Engineering...
  • Blog Post: First Line of Defense for Web Applications – Part 2

    Hello everyone, as promised I am back with the next post on input validation series for web applications. Knowledge is power right :). So knowing what all things to validate when you start your web project can save you a lot of headache down the road. So here are some of most important aspects on input...
  • Blog Post: Weekend Security Reading Round up Links - 10/20/07

    Inside the Matrix for Mobiles A pretty interesting concept: hack together a platform for connecting the innards of over one hundred different types of cell phones and then connect them to servers allowing virtual access for testing purposes over the Internet. Nigerian Space Program Isn't a 419...
  • Blog Post: First Line of Defense for Web Applications – Part 1

    Hi folks, I am Anmol Malhotra and I work with ACE Services Team as a security consultant. There are lots of security principles which one should be aware of while developing software but at the heart of any secure application, there should be a first line of defense – and the mother of all defenses...
  • Blog Post: Weekend Security Reading Round up Links - 10/12/07

    All about the data: IT security starts with a data-centric worldview ACE Team's Roger A. Grimes has posted a great summary of the importance of having a data-centric way of looking at things for computer/information security to work in an IT environment. 1st CTP of the SQL Server 2005 Driver for...
  • Blog Post: Securing the Gateway to Your Enterprise: Web Services

    Eugene Siu, a Senior Security Consultant on the ACE Team has just published a great article summarizing some of the pitfalls and issues around web services security. You can read the whole article here. -techjunkie
  • Blog Post: Weekend Security Reading Round up Links - 10/5/07

    What's hot in Microsoft security: White lists; Blue hats A discussion on Symantec’s proposal to whitelist everything on a Windows box as well as a summary of Microsoft’s Bluehat 10 Microsoft Security Links to Blow Your Mind Pretty self explanatory, no? :) More eyeballs for .Net Framework...
  • Blog Post: The difference between pentesting and an application development security process Part I

    Many times when we’re speaking with a customer or reviewing material from security vendors, the inclination we’ve seen is to rely on penetration testing or code analysis/scanning tools and other solutions to make up for the fact that there is no comprehensive security process in place during development...
  • Blog Post: Update

    Thank you all for the tremendous response and support. I've gotten so many of your messages that I've not been able to respond to them all individually. We are working through some logistical issues but look forward to getting things going very soon. Please continue watching this space or subscribe!...
  • Blog Post: welcome to a different kind of blog from microsoft

    Hello world. Welcome to a new blog from Microsoft. The focus of this blog is likely to be a little different from most other blogs you'll see on blogs.msdn.com. Microsoft employs some of the best hackers in the world and actively recruits them and develops them. They work on all kinds of projects...
Page 1 of 1 (11 items)