• Security Tools

    How to Build Custom Logon UI’s in Windows Vista

    • 0 Comments
    Hi, Rajesh Gopisetty here. I am the India dev lead for the Information Security Tools team. The blog post discusses the authentication model in Vista and how enterprise can use it to build custom logon UI’s. Prior to Windows Vista, to log on to 3 rd party...
  • Security Tools

    WMI programming using C#.NET

    • 0 Comments
    Hello, Anil Chintala here. I am a senior developer on the Information Security Tools team. I work in operations engineering cell which is focused on building scanning tools, data protection tools and number of other security tools to support InfoSec operations...
  • Security Tools

    How to Verify the Validity of IIS Certificates on Remote Servers Using ABO – Part 2

    • 0 Comments
    Nawal Kishore Gupta here. I am a developer on the Information Security Tools team focused on building host security assessment tools. This is the second part of a two part blog on how to verify the validity of IIS certificates on remote servers. The first...
  • Security Tools

    SharePoint Coding Practices – A Quick Overview

    • 0 Comments
    Aravindhan Rajagopal here. I am a developer from Information Security Tools team. I had been working on couple of SharePoint projects in my team for the past couple of years and thought of posting a blog which would be helpful for beginners in particular...
  • Security Tools

    In Seattle and Want To Chat to the WPL (Anti-XSS) Developer?

    • 0 Comments
    RV is doing a talk at the local OWASP Chapter. Details below. http://www.owasp.org/index.php/Seattle#Next_Event_11_August_.28Tuesday.29
  • Security Tools

    Creating a Redistributable CISF Portal Widget

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    Create a Bing Widget for the CISF Security Portal

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    Understanding CISF Portal Widget Framework

    • 0 Comments
    [As part of CISF we will ship an ASP.NET AJAX web portal in which you can host your custom security management applications. The portal allows users to personalize certain pages by selecting various widgets made available to them. The information in this...
  • Security Tools

    An Introduction to the Connected Information Security Platform or CISF

    • 0 Comments
    Mark Curphey here. Nearly two years ago I came to Microsoft to explore an idea. As Big Weld in the film Robots said “see a need, fill a need” and I had seen a need! For several years I had been looking at the security management tools space and talking...
  • Security Tools

    How to: Import Threat Models Created with TAM 2.1 into TAM 3.0

    • 0 Comments
    Syed Aslam Basha here. I am a tester on the Information Security Tools team and responsible for testing  Microsoft Threat Analysis and Modeling V3.0. With the availability of latest beta version of TAM V3.0, it becomes increasingly more important...
  • Security Tools

    TAM 3.0 Beta is Now Live!

    • 0 Comments
    Mark Curphey here. I am delighted to say that Threat Analysis and Modeling (TAM) 3.0 Beta is now live on MSDN. You can download it here . RV posted an initial mail about some features yesterday here . RV will post series of screen casts on new features...
  • Security Tools

    Threat Analysis And Modeling (TAM) v3.0 – Learn about the New Features!

    • 0 Comments
    RV here… Last time we briefly talked about releasing TAM v3.0 this year. With each week we’re inching closer to that goal. TAM v3.0 release is focused on 3 main areas of the tool including: threat modeling methodology gathering application architecture...
  • Security Tools

    Anti-XSS Library 3.0 RTM

    • 0 Comments
    RV here… Anti-XSS library 3.0 is now RTM!!! MSDN download center is updated with the new binaries. Here is a overview of the changes in 3.0 release. New features in this version of the Microsoft Anti-Cross Site Scripting Library include: An expanded white...
  • Security Tools

    Web Protection Library (WPL) – A Brief Introduction

    • 0 Comments
    RV here… I wanted to share with you some tidbits on our new project called Web Protection Library (WPL) which contains libraries to protect web applications from common vulnerabilities and attacks. Our goal is to offer comprehensive web application protection...
  • Security Tools

    Differences Between AntiXss.HtmlEncode and HttpUtility.HtmlEncode Methods

    • 0 Comments
    Syed Aslam Basha here. I am a tester on the Information Security Tools team and responsible for testing Microsoft Anti-XSS V3.0. The difference lies in implementation and performance you could get. The following are the differences between Microsoft.Security...
  • Security Tools

    Implementation Ideas for the CAT.NET 2.0 Tainted Variable Analysis Algorithm

    • 0 Comments
    Andreas Fuchsberger here….. Within the Information Security Tools Group we are now really getting into a redesign of our popular Code Analysis Tool for .NET (CAT.NET). One of the biggest challenges we have is to redesign the engine so that it no longer...
  • Security Tools

    C# Compiler Optimization

    • 0 Comments
    Gaurav Sharma here, I’m a developer with the Information Security Tools team. A couple of months back when I was trying to understanding the .NET compilation model I encountered an interesting thing. I created a small program to print an Int32 type array...
  • Security Tools

    Some Interesting Posts

    • 0 Comments
    Mark Curphey here......( @curphey on Twitter) There is a stack of new interesting videos and posts related to the software security tools we build that I found this week. Ben Livshits video on the architecture of CAT.NET here RV talking about TAM 3.0...
  • Security Tools

    A Powerful Method of Controlling Stress Levels for Developers

    • 0 Comments
    Kathy Shieh here, I am the US Dev Lead for the Information Security Tools team which means I manage the developers and testers (in the US and in Beijing). I have been at Microsoft for just over 10 years. “Ugh - I’ll never be able to finish all this work...
  • Security Tools

    Ensuring Identity Consistency [Auto-Consistency Manager]

    • 0 Comments
    Raju Bhan here… I’m the Senior Security PM in Information Security Tools Team at Microsoft. Before choosing to be a PM, I was a developer and one of my projects was AutoConsistency Manager. AutoConsistency was all about ensuring Identity Consistency across...
  • Security Tools

    Creating Multi-Level Navigational Menu with the ASP.NET Repeater Control and CSS Styles

    • 0 Comments
    Syam Pinnaka here, I am a Senior Developer on the Information Security Tools team focused mainly on building identity management software using Microsoft Forefront Identity Manager (more info about FIM can be found here and well be talking about the work...
  • Security Tools

    New Build of CAT.NET (Version - 1.1.1.9) – Please Upgrade

    • 3 Comments
    Syed Aslam Basha here…..I am a tester on the Information Security Tools team. There is a new build of CAT.NET Version 1.1.1.9 now available for download on MSDN ( 32 bit here and 64 bit here ). We recommend *ALL* users upgrade to this latest release,...
  • Security Tools

    Transparent Data Encryption (TDE) : Encrypting Data at Rest

    • 2 Comments
    Vineet Batta here…..I am senior software development engineer in Information Security Tools team at Microsoft. Today I am going to share my experiences on encrypting data at rest.  Most organizations want to secure their HBI (High Business Impact...
  • Security Tools

    Lean Machine

    • 0 Comments
    Marius Grigoriu here… I’m the Product Manager for Risk Tracker and parts of the Connected Information Security Framework, some of the software we’re building for Microsoft Information Security and that we will frequently mention on this blog. The other...
  • Security Tools

    Traversing a Recursive Table Self Reference Using T-SQL

    • 0 Comments
    Randy Evans here…I am a Principal Architect on the Information Security Tools team. During the Risk Tracker project (something well be talking more about in the coming weeks), we found that a natural hierarchy of roles was inherent in the RBA authorization...
Page 4 of 5 (109 items) 12345