July, 2009

  • Security Tools

    How to Get All User Members From Nested Security Groups in Active Directory Using .NET and C#

    • 1 Comments
    Hello, Randy Evans here. I am a principal developer on the Information Security Tools team. In a recent project, we found it necessary to get collections of users from security groups defined in Active Directory (AD). It is common practice for security...
  • Security Tools

    TAM 3.0 and the Intelligent TFS Sync Feature

    • 0 Comments
    Syed Aslam Basha here. I am the tester on the Information Security Tools team and responsible for testing  Microsoft Threat Analysis and Modeling v3.0. In the previous blog post we have highlighted feature list of TAM V3.0 (For more information ...
  • Security Tools

    Self-Service Identity and Access Management Solution (Easy ID)

    • 0 Comments
    Raju Bhan here, I am a PM on the Information Security Tools team   If you haven’t had a chance to go through my last blog about ensuring identity consistency, please check it out here since Easy ID is an extension of that. Easy ID was created to...
  • Security Tools

    Security Guidance and Threat Modeling

    • 0 Comments
    RV here... Security Development Lifecycle and other security development processes help developers build secure application and one of the key outputs of these processes is security guidance. You might ask, what is security guidance? From an architect...
  • Security Tools

    How to Build Custom Logon UI’s in Windows Vista

    • 0 Comments
    Hi, Rajesh Gopisetty here. I am the India dev lead for the Information Security Tools team. The blog post discusses the authentication model in Vista and how enterprise can use it to build custom logon UI’s. Prior to Windows Vista, to log on to 3 rd party...
  • Security Tools

    WMI programming using C#.NET

    • 0 Comments
    Hello, Anil Chintala here. I am a senior developer on the Information Security Tools team. I work in operations engineering cell which is focused on building scanning tools, data protection tools and number of other security tools to support InfoSec operations...
  • Security Tools

    How to Verify the Validity of IIS Certificates on Remote Servers Using ABO – Part 2

    • 0 Comments
    Nawal Kishore Gupta here. I am a developer on the Information Security Tools team focused on building host security assessment tools. This is the second part of a two part blog on how to verify the validity of IIS certificates on remote servers. The first...
  • Security Tools

    SharePoint Coding Practices – A Quick Overview

    • 0 Comments
    Aravindhan Rajagopal here. I am a developer from Information Security Tools team. I had been working on couple of SharePoint projects in my team for the past couple of years and thought of posting a blog which would be helpful for beginners in particular...
  • Security Tools

    In Seattle and Want To Chat to the WPL (Anti-XSS) Developer?

    • 0 Comments
    RV is doing a talk at the local OWASP Chapter. Details below. http://www.owasp.org/index.php/Seattle#Next_Event_11_August_.28Tuesday.29
  • Security Tools

    Creating a Redistributable CISF Portal Widget

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    Create a Bing Widget for the CISF Security Portal

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    Understanding CISF Portal Widget Framework

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    An Introduction to the Connected Information Security Platform or CISF

    • 0 Comments
    Mark Curphey here. Nearly two years ago I came to Microsoft to explore an idea. As Big Weld in the film Robots said “see a need, fill a need” and I had seen a need! For several years I had been looking at the security management tools space and talking...
  • Security Tools

    How to: Import Threat Models Created with TAM 2.1 into TAM 3.0

    • 0 Comments
    Syed Aslam Basha here. I am a tester on the Information Security Tools team and responsible for testing  Microsoft Threat Analysis and Modeling V3.0. With the availability of latest beta version of TAM V3.0, it becomes increasingly more important...
  • Security Tools

    TAM 3.0 Beta is Now Live!

    • 0 Comments
    Mark Curphey here. I am delighted to say that Threat Analysis and Modeling (TAM) 3.0 Beta is now live on MSDN. You can download it here . RV posted an initial mail about some features yesterday here . RV will post series of screen casts on new features...
  • Security Tools

    Threat Analysis And Modeling (TAM) v3.0 – Learn about the New Features!

    • 0 Comments
    RV here… Last time we briefly talked about releasing TAM v3.0 this year. With each week we’re inching closer to that goal. TAM v3.0 release is focused on 3 main areas of the tool including: threat modeling methodology gathering application architecture...
  • Security Tools

    Anti-XSS Library 3.0 RTM

    • 0 Comments
    RV here… Anti-XSS library 3.0 is now RTM!!! MSDN download center is updated with the new binaries. Here is a overview of the changes in 3.0 release. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: An expanded white...
  • Security Tools

    Web Protection Library (WPL) – A Brief Introduction

    • 0 Comments
    RV here… I wanted to share with you some tidbits on our new project called Web Protection Library (WPL) which contains libraries to protect web applications from common vulnerabilities and attacks. Our goal is to offer comprehensive web application protection...
  • Security Tools

    Differences Between AntiXss.HtmlEncode and HttpUtility.HtmlEncode Methods

    • 0 Comments
    Syed Aslam Basha here. I am a tester on the Information Security Tools team and responsible for testing Microsoft Anti-XSS V3.0. The difference lies in implementation and performance you could get. The following are the differences between Microsoft.Security...
  • Security Tools

    Implementation Ideas for the CAT.NET 2.0 Tainted Variable Analysis Algorithm

    • 0 Comments
    Andreas Fuchsberger here….. Within the Information Security Tools Group we are now really getting into a redesign of our popular Code Analysis Tool for .NET (CAT.NET). One of the biggest challenges we have is to redesign the engine so that it no longer...
  • Security Tools

    C# Compiler Optimization

    • 0 Comments
    Gaurav Sharma here, I’m a developer with the Information Security Tools team. A couple of months back when I was trying to understanding the .NET compilation model I encountered an interesting thing. I created a small program to print an Int32 type array...
  • Security Tools

    Some Interesting Posts

    • 0 Comments
    Mark Curphey here......( @curphey on Twitter) There is a stack of new interesting videos and posts related to the software security tools we build that I found this week. Ben Livshits video on the architecture of CAT.NET here RV talking about TAM 3.0...
Page 1 of 1 (22 items)