Browse by Tags

Tagged Content List
  • Blog Post: Mohammad Akif on InfoQ

    If you've never met or heard Mohammad Akif here's your chance! He's one of our evangelists in Toronto (my home-town!), Canada. Mohammad talks to InfoQ about service oriented-architectures (SOA) and the Security Development Lifecycle , check him out http://www.infoq.com/interviews/Mohammad-Akif . Enjoy...
  • Blog Post: Anti-Cross Site Scripting Library V1.5: Come Get It!

    Update: The FAQ is now up as of today to help answer any initial questions you might have. Check it out on the main landing page for the librarry at http://msdn2.microsoft.com/en-us/security/aa973814.aspx . Update: We'll be posting a Web-facing FAQ shortly (there's already one inside the library documentation...
  • Blog Post: Anti-Cross Site Scripting Library V1.5 Update

    Today we released a preview copy to a select list of people and awaiting to get feedback. Very soon folks, very soon! I also spent last night and into the morning putting together a tutorial so watch out for the release of that! Thanks, -- Kevin Lam, CISSP Senior Security Technologist...
  • Blog Post: Thoughts On Code Scanning

    Dan Sellers posted my rant on code scanning tools on his Security for Canadian Developers Blog : --- START --- Information managers, developers and testers commonly make the mistake of seeing code scanning tools as replacement for security QA processes. As a result they get a false sense of security...
  • Blog Post: Anti-Cross Site Scripting Library V1.5: Almost there ...

    Just wanted to give an update and the new implementation of the Anti-Cross Site Scripting Library V1.5 is done. I re-wrote the entire library to be much more performant than the previous implementations as well as added more encoding methods for various web-application scenarios (Java Script, Visual...
  • Blog Post: More on Windows Vista's Address Space Layout Randomization (ASLR)

    Check out Stephen Toulouse's blog entry here . Enjoy, Kevin -- Kevin Lam, CISSP Senior Security Technologist Microsoft Application Consulting & Engineering (ACE) Team
  • Blog Post: Windows Vista Security: Address Space Layout Randomization (ASLR)

    Michael Howard's blog entry on randomization of address space layout: http://blogs.msdn.com/michael_howard/archive/2006/05/26/608315.aspx I personally haven't seen the internals (implementation) yet, but it should be interesting on how well it affects a malicious user's ability to successfully exploit...
  • Blog Post: Where's the Microsoft Anti-Cross Site Scripting Library V1.5?

    Several people have asked me when the next version of the Microsoft Anti-Cross Site Scripting (XSS) Library (version 1.5) would be released. There were some delays, and so it should be around the end of June, no guarantees though -- by the way, thanks for all the patience so far! Since the original...
Page 1 of 1 (8 items)