Syed Aslam Basha here from the Information Security Tools team. WPL v1.0 has got the following features: AntiXSS library (It has got deprecated methods of AntiXSS) Encoder Library (It has got AntiXSS methods provided in the new namespace)...

Syed Aslam Basha here from the Information Security Tools team. In order to use security runtime engine (SRE) in your application, you need to configure web.config. Currently SRE has got two modules, cross-site scripting protection module and SQL injection...

Syed Aslam Basha here from the Information Security Tools team. In one of my application testing I faced issue of “strong name validation failed” for a assembly, had to figure out a way to turn off strong name validation so that I can carryout...

Syed Aslam Basha here from the Information Security Tools team. As the installer name suggests CATNETV20CMD, CAT.NET V2.0 CTP is command line version only. CAT.NET v2.0 CTP analyses assemblies for vulnerabilities and configuration files for misconfigurations...

Syed Aslam Basha here from the Information Security Tools team. Current version of WACA v1.0 CTP analyzes application configuration for security best practices related to General Application, IIS , ASP.NET Application and SQL Server settings. Machine...

Syed Aslam Basha here from the Information Security Tools team. Apart from Cross-site scripting (XSS) protection/detection Web protection library (WPL) has security runtime engine (SRE) - http module to protect/detect from SQL injection attacks as...