Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » noise » security   (RSS)
Information Assurance
The Unintended Consequences of the Information Age Lecture Series: Our Infrastructures: Online and Vulnerable? Jointly sponsored by The Center for Information Assurance and Cybersecurity, UW-INSER, the MS Program in Strategic Planning for Critical Infrastucture, Read More...
Posted: Saturday, October 27, 2007 11:47 PM by ejarvi | (Comments Off)
Filed under: , ,
port 25 is open on port 80
Here's an interesting blog to watch courtesy the Open Source Software Lab @ Microsoft - http://port25.technet.com/ (for RSS - http://port25.technet.com/rss.aspx ) Read More...
Posted: Friday, July 07, 2006 10:03 AM by ejarvi | (Comments Off)
Filed under: , ,
development related security tools at SecureWorld
There were two vendors at SecureWorld conference today in Bellevue that might be worth checking out if you are looking for developer/tester related security products. They should also be there tomorrow as well - free registration if you are just walking Read More...
Posted: Wednesday, October 19, 2005 8:07 PM by ejarvi | (Comments Off)
Filed under: ,
Reducing Browser Privileges
"a simple yet little-known approach exists for users to avoid many of these vulnerabilities in any web browser" http://www.securityfocus.com/infocus/1848 Read More...
Posted: Wednesday, October 05, 2005 1:41 PM by ejarvi | (Comments Off)
Filed under: ,
leastprivilege.com
Thank to .NET Delirium for pointing out this site: http://blogs.msdn.com/gduthie/archive/2005/09/01/459576.aspx Read More...
Posted: Friday, September 02, 2005 12:35 AM by ejarvi | (Comments Off)
Filed under: , ,
the amazing live honey monkeys
Security researchers have all the fun. This paper describes how the Strider HoneyMonkey Exploit Detection system uses active client honeypots (AKA "honey monkeys") to find web sites that exploit browser vulnerabilities. ftp://ftp.research.microsoft.com/pub/tr/TR-2005-72.pd Read More...
Posted: Monday, August 15, 2005 4:05 PM by ejarvi | (Comments Off)
Filed under: , ,
How To Break Web Software
This is not a Microsoft sponsored talk, and the term "webinar" makes me cringe, but it might be worth it for testers in the crowd: "In this Webinar, the primary author of all three books of the "How to break.." series will take you on a journey through Read More...
Posted: Wednesday, August 03, 2005 2:02 PM by ejarvi | (Comments Off)
Filed under: , ,
static code analysis in the news
I remember a few years ago at a software quality conference in Portland telling people in the hallway after talks about these cool static code analysis tools we had, but then having to admit they were just internal. Fast forward to today, the news is Read More...
Posted: Tuesday, August 02, 2005 2:46 PM by ejarvi | 1 Comments
Filed under: , , ,
NIST - Early Computer Security Papers
Thanks to Michael Howard for passing this along... "This list of papers was initially distributed on CD-ROM at NISSC '98. These papers are unpublished, seminal works in computer security. They are papers every serious student of computer security should Read More...
Posted: Tuesday, June 07, 2005 6:43 PM by ejarvi | (Comments Off)
Filed under: ,
thoughts on the future of dynamic code analysis
This really belongs in the comments field of my last blog post, but it turned out I had more thoughts to vent and this would make a monster of a comment, so here goes: What more could there be to dynamic analysis than code coverage and profiling? Probably Read More...
Posted: Friday, May 20, 2005 12:28 PM by ejarvi | 2 Comments
Filed under: , , , ,
Page view tracker