Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

Anti-XSS vNext – Web Protection Library

Want to know more when you can get your hands on the next version of Anti-XSS library, check out this blog about our upcoming CTP release of Web Protection Library. http://blogs.msdn.com/securitytools/archive/2009/10/17/web-protection-library-ctp-release-coming-soon.aspx Read More...
Posted Thursday, November 05, 2009 7:17 PM by anilkr | 0 Comments

How to Detect and avoid memory Leaks in .NET applications?

Here is an excellent MSDN article on how to detect and avoid memory leaks in .NET applications. http://msdn.microsoft.com/en-us/library/ee658248.aspx A must read for Sr. Developers and Testers. Thanks Anil Read More...
Posted Thursday, November 05, 2009 7:13 PM by anilkr | 0 Comments

Anti-XSS Library v3.1 is now Live!

You can now download the new version of Anti-XSS library v3.1 from Microsoft.com Download Center. For more details check this blog post. http://blogs.msdn.com/securitytools/archive/2009/09/17/anti-xss-library-v3-1-released.aspx Thanks Anil Read More...
Posted Wednesday, September 23, 2009 8:08 PM by anilkr | 0 Comments

HTML Sanitization using Anti-XSS Library

Now you can filter (sanitize) HTML using Anti-XSS library v3.1 features. More information can be found at http://blogs.msdn.com/securitytools/archive/2009/09/01/html-sanitization-in-anti-xss-library.aspx . Thanks RV Read More...
Posted Wednesday, September 23, 2009 6:14 PM by anilkr | 0 Comments

Cascading Style Sheet Strings Encoding

I recently blogged about encoding cascading style sheet strings. A new feature is being added to the next version of Web Protection Library (anti-xss library). http://blogs.msdn.com/securitytools/archive/2009/08/21/encoding-cascading-style-sheet-strings.aspx Read More...
Posted Wednesday, August 26, 2009 4:53 PM by anilkr | 1 Comments

LDAP Injection and Mitigation

Yesterday I posted a blog entry on our team blog about LDAP Injection and how to mitigate it using the next version of WPL. You can find it here. http://blogs.msdn.com/securitytools/archive/2009/08/11/ldap-injection-and-mitigation.aspx Thanks RV Read More...
Posted Tuesday, August 11, 2009 6:37 PM by anilkr | 0 Comments

Understanding SDL-LOB Blog Series

My colleague Anmol has done it again, he has posted more blog entries on specific phases of Security Development Lifecycle for Line-of-Business (SDL-LOB)applications. These posts give you more details on what are the action items in specific phase and Read More...
Posted Thursday, July 30, 2009 8:36 PM by anilkr | 0 Comments

Security Guidance and Threat Modeling

I just posted a blog entry on the main drivers behind CTL in TAM v3.0. You can check it out at IST blog site. http://blogs.msdn.com/securitytools/archive/2009/07/30/security-guidance-and-threat-modeling.aspx Thanks RV Read More...
Posted Thursday, July 30, 2009 8:27 PM by anilkr | 0 Comments

OWASP Seattle Chapter Talk on Anti-XSS

Two weeks from now on August 11th in Bellevue I am going to talk about Anti-XSS Library. Talk is not only about the new features but also about the internal workings on Anti-XSS and some tidbits on our new WPL internals. Its going to be in the evening Read More...
Posted Wednesday, July 29, 2009 3:54 AM by anilkr | 0 Comments

TAM v3.0 beta is live!

A new version of threat analysis and modeling tool has been released. This version has significant improvements from previous version as identified in previous posts. You can find more information on the download link and bugs link from TAM 3.0 Beta is Read More...
Posted Tuesday, July 21, 2009 7:33 PM by anilkr | 0 Comments
Filed under: ,

TAM v3.0 New Features!

Just posted a blog entry on the new threat analysis and modeling release features on our security tools blog site. Check it out at Threat Analysis And Modeling (TAM) v3.0 – Learn about the New Features! . Thanks RV Read More...
Posted Monday, July 20, 2009 11:01 PM by anilkr | 0 Comments

Connection String Injection Attack

Today I was looking at some new classes in .NET 2.0 and stumbled across DbConnectionStringBuilder class. This class provides compile time checks around building connection strings with user input. If you are constructing connection string dynamically Read More...
Posted Monday, July 20, 2009 10:58 PM by anilkr | 0 Comments
Filed under: ,

Web Protection Library – new Project

Another post on the new security tools blog about WPL. http://blogs.msdn.com/securitytools/archive/2009/07/09/web-protection-library-wpl-a-brief-introduction.aspx Thanks RV Read More...
Posted Thursday, July 09, 2009 8:25 PM by anilkr | 0 Comments
Filed under:

Threat Analysis and Modeling 3.0 Video

Here is a video that I did couple of weeks back about TAM 3.0 release. It gives some details on the new features and how we started working on TAM 3.0 release. Will post more details as I get them. http://channel9.msdn.com/posts/Jossie/Thread-Analysis--Modeling-Tool-TAM-30/ Read More...
Posted Tuesday, July 07, 2009 8:14 PM by anilkr | 0 Comments
Filed under: ,

Multiple Modal POPUPS and Z-Index

AJAX modal popup extender gives developers ability to show javascript based modal windows. This powerful extender can be used to show editing UI, progress bars and/or error messages etc. This does pose some challenges specially when there are two modal Read More...
Posted Tuesday, June 23, 2009 1:40 AM by anilkr | 0 Comments
More Posts Next page »
 
Page view tracker