Welcome to MSDN Blogs Sign in | Join | Help

security (RSS)

Security Testing and Risk Management
My first article on the topic is now published in the March 2009 issue of Testing Experience magazine, pages 28-30. http://www.testingexperience.com/subscribe.php (free online subscription takes you to PDF download) Read More...
Posted: Friday, March 13, 2009 1:38 PM by ejarvi | (Comments Off)
Filed under: ,
Microsoft Office Security Team
The Office security team typically targets memory-corruption bugs in the software like buffer overruns, integer overruns, and format strings... http://www.darkreading.com/document.asp?doc_id=159305 Read More...
Posted: Friday, July 18, 2008 3:13 PM by ejarvi | (Comments Off)
Filed under: ,
security & perf videos
J.D. Meier has posted a decent index of videos covering performance testing, ASP.NET 2.0, and VSTS: http://blogs.msdn.com/jmeier/archive/2007/11/22/videos-security-performance-testing-and-visual-studio-team-system.aspx Read More...
Posted: Monday, November 26, 2007 3:32 PM by ejarvi | 1 Comments
Filed under: , , , ,
Information Assurance
The Unintended Consequences of the Information Age Lecture Series: Our Infrastructures: Online and Vulnerable? Jointly sponsored by The Center for Information Assurance and Cybersecurity, UW-INSER, the MS Program in Strategic Planning for Critical Infrastucture, Read More...
Posted: Saturday, October 27, 2007 11:47 PM by ejarvi | 1 Comments
Filed under: , ,
Patterns & Practices Security Videos
"Click Here" http://blogs.msdn.com/jmeier/archive/2007/03/24/patterns-practices-security-videos.aspx Read More...
Posted: Monday, March 26, 2007 10:53 AM by ejarvi | 1 Comments
Filed under: , ,
drive-by pharming
I'm preaching to the choir here, but if your wireless router still has the default password you might want to do something about it. Locally grown: Good! Drive-by Pharming: Baaaaddddd. http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_pharming_how_clicking_1.htm Read More...
Posted: Friday, February 23, 2007 1:06 PM by ejarvi | (Comments Off)
Filed under:
Michael Howard on the Silver Bullet Security Podcast
Here's the link... http://www.cigital.com/silverbullet/show-006/ Read More...
Posted: Friday, September 29, 2006 8:19 PM by ejarvi | (Comments Off)
Filed under: , ,
CERT Secure Coding Standards
"This web site exists to support the development of secure coding standards for commonly used programming languages such as C and C++. " https://www.securecoding.cert.org/confluence/display/seccode/CERT+Secure+Coding+Standards Read More...
Posted: Wednesday, September 27, 2006 12:22 PM by ejarvi | 1 Comments
Filed under: ,
MSRC Stories
This article has an interesting peek into life at the Microsoft Security Response Center: http://redmondmag.com/features/article.asp?EditorialsID=616 "I'm at the shop and over the radio I hear: 'The Internet was taken down today by a worm affecting SQL Read More...
Posted: Wednesday, August 09, 2006 5:03 PM by ejarvi | (Comments Off)
Filed under:
computer security rant of the day
Exercise your mind: Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They're the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Read More...
Posted: Monday, July 17, 2006 2:21 PM by ejarvi | 1 Comments
Filed under:
port 25 is open on port 80
Here's an interesting blog to watch courtesy the Open Source Software Lab @ Microsoft - http://port25.technet.com/ (for RSS - http://port25.technet.com/rss.aspx ) Read More...
Posted: Friday, July 07, 2006 10:03 AM by ejarvi | (Comments Off)
Filed under: , ,
bluehat links
Some good links if you want to check out some of the speakers and topics addressed at the last Microsoft bluehat conference: http://blogs.technet.com/bluehat/archive/2006/03/21/422707.aspx Read More...
Posted: Tuesday, March 21, 2006 6:52 PM by ejarvi | (Comments Off)
Filed under:
running with least privilege
"In the ongoing battle to fight internal and external threats on the corporate desktop, IT staffers may be forgetting one very potent weapon in their arsenal—system lockdown." http://www.thechannelinsider.com/print_article2/0,1217,a=166172,00.asp If you Read More...
Posted: Wednesday, November 30, 2005 1:45 PM by ejarvi | (Comments Off)
Filed under:
development related security tools at SecureWorld
There were two vendors at SecureWorld conference today in Bellevue that might be worth checking out if you are looking for developer/tester related security products. They should also be there tomorrow as well - free registration if you are just walking Read More...
Posted: Wednesday, October 19, 2005 8:07 PM by ejarvi | 1 Comments
Filed under: ,
Reducing Browser Privileges
"a simple yet little-known approach exists for users to avoid many of these vulnerabilities in any web browser" http://www.securityfocus.com/infocus/1848 Read More...
Posted: Wednesday, October 05, 2005 1:41 PM by ejarvi | (Comments Off)
Filed under: ,
More Posts Next page »
Page view tracker