Hi everyone, Bryan here. We’ve written here before about Casaba Security’s Watcher tool and how it can help you verify compliance with several of the SDL web application security requirements, such as:

·         User controlled open redirects

·         Insecure domain references in Silverlight client access policy files

·         Use of the Javascript eval method

·         More…

I’m excited to report that Casaba has just released Watcher v1.3.0, which adds even more useful checks and also integrates with the SDL and MSF-A+SDL process templates. In addition, it can also tell you which of its checks map to SDL requirements.

Watcher is available for free download on Codeplex, and Katie will be demonstrating Watcher during our presentation at RSA next week (AND-202: Microsoft SDL Tools: Automating the Security Development Lifecycle).