Welcome to MSDN Blogs Sign in | Join | Help

December 2008 - Posts

Security Code Review Using CAT.NET - Part 2
Hi Andreas Fuchsberger here again...... How does CAT.NET work? As I mentioned in Part 1 here , CAT.NET is an information-flow type static analysis tool using an implementation of tainted-variable analysis. Tainted-variable analysis is an integrity problem Read More...
Posted: Monday, December 22, 2008 9:24 AM by cisg | 2 Comments
Filed under: , ,
Security Code Review Using CAT.NET - Part 1
Hi Andreas Fuchsberger here … To coincide with the CTP release of CAT.NET and Anti-XSS , within the CSIG we have been taking a long hard look at static analysis tools for developers and Information Security professionals. Over the next series of Read More...
Posted: Monday, December 22, 2008 9:20 AM by cisg | 2 Comments
Filed under: , ,
CAT.NET CTP Links Are Live Again!
Download CAT.NET CTP ( 32 bit here and 64 bit here ) Anti-XSS was not affected but for completeness Download Anti-XSS 3.0 Beta ( here and source code here ) Our sincere apologies. Read More...
Posted: Thursday, December 18, 2008 12:37 AM by cisg | 1 Comments
Filed under: , , ,
CAT.NET Status Update
12 pm PST 17th, December. We continue to face issues with the download links. We are doing everything we can to resolve this and expect it to be resolved within a few hours. We will update this blog with any further news. Our sincere apologies. Read More...
Posted: Wednesday, December 17, 2008 8:05 PM by cisg | (Comments Off)
Filed under:
Secure String in .Net - Part II
Hi Gaurav Sharma here with more information about SecureStrings. This time I'll cover following topics: SecureString internals Performance Let us start with our first topic, SECURE STRING INTERNALS BASICS Class Name: SecureString Assembly: mscorlib.dll Read More...
Posted: Wednesday, December 17, 2008 12:59 PM by cisg | 1 Comments
Filed under: ,
Download Problem for CAT.NET - Status Update
We are continuing to experience problems with the 32 bit download link for CAT.NET. We now estimate a fix by mid-day PST tomorrow (17th December). The 64 bit download link is active again here . I will post here as soon as it is resolved. Our continued Read More...
Posted: Tuesday, December 16, 2008 11:34 PM by cisg | (Comments Off)
Filed under:
Download Problem for CAT.NET - Status Update
We are continuing to experience problem with the links to download CAT.NET. We estimate a fix by 5pm today (16th December). I will post here as soon as it is resolved. Our continued apologies. Read More...
Posted: Tuesday, December 16, 2008 2:53 PM by cisg | 1 Comments
Filed under:
How the Anti-XSS 3.0 SRE Works
RV again... Last time around we looked at SRE from a conceptual perspective , this time lets look at from a code perspective. Lets trace the program flow and understand in depth what SRE code does. SRE is a HttpModule, the main class file is AntiXssModule.cs Read More...
Posted: Tuesday, December 16, 2008 11:41 AM by cisg | 1 Comments
Filed under: ,
Anti-XSS 3.0 Beta and CAT.NET Community Technology Preview now Live!
Mark Curphey here..... I am delighted to say that we have released two new free tools. Download CAT.NET CTP ( 32 bit here and 64 bit here ) Download Anti-XSS 3.0 Beta ( here and source code here ) CAT.NET - Community Technology Preview CAT.NET is a managed Read More...
Posted: Monday, December 15, 2008 9:01 AM by cisg | 19 Comments
Page view tracker