March 2008 - Posts
These are pretty cool - I'm a big fan of highly focused, short education like this... http://msdn2.microsoft.com/en-us/security/bb896640.aspx
Read More...
Update: Added Microsoft bulletin stuff. I'm always looking up CVEs so I want to get to the data as quickly as possible, especially if I'm digging through a load of them. Three years ago I posted some code to perform CVE lookup using Smart Tags in Microsoft
Read More...
MSDN Magazine has just published an article I wrote that collects many of the various C and C++ defenses in the current Visual C++ compiler suite, all of these defenses are SDL requirements or recommendations.
Read More...
Following on from my recent post about Windows Vista security and the SDL, a number of people have indicated to me that obvioulsy it's a fluke. It's important to point out that the reason I talk about Windows Vista so much is because I work in the Windows
Read More...
Windows Server 2008 has shipped! And a fine product it is, too! Windows Server 2008 is the first Windows Server to go through the full SDL process, making it the most secure version of Windows Server to date. We raised the security bar in Windows Vista,
Read More...
