Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Security   (RSS)

Foundations: Code Access Security in WCF

In the .NET Framework 3.5, WCF only allows a limited set of scenarios to execute in partial trust. Ideally, you would like to tap into the full power of WCF from distributed transactions to reliable calls to various security credential types without trading Read More...
Posted Friday, August 01, 2008 7:00 AM by tdorsey | 0 Comments
Filed under: ,

Security Briefs: Approaches to Threat Modeling

There are many things called threat modeling. Rather than argue about which is "the one true way," a good practice is to consider your needs and what your skills, abilities, and schedules are, and then work with a method that's best for you. Read More...
Posted Wednesday, July 23, 2008 7:00 AM by tdorsey | 0 Comments
Filed under:

Security: a One-Time Password Solution

Passwords can be a big security and manageability headache for enterprise IT administrators. Because passwords are cached on computer hard drives and stored on servers, they are susceptible to cracking. In the June 2008 issue of MSDN Magazine , Dan Griffin Read More...
Posted Monday, June 09, 2008 7:00 AM by MSDNMagazine | 0 Comments
Filed under:

Elevation PowerToys and other Security content in TechNet Magazine

Whether you’re a developer or an IT pro – or maybe your job involves a little of both – security is an ever-present concern. The June 2008 issue of our sister publication, TechNet Magazine , is focused on security issues. While I recommend reading the Read More...
Posted Friday, May 30, 2008 8:12 AM by MSDNMagazine | 0 Comments
Filed under: ,

Security Briefs: Buffer overrun defenses in Visual C++

There are a number of reasons for the many buffer overruns in production C and C++ code. The languages provide direct access to vulnerable memory, but developers also make mistakes, and there have historically been few defenses offered by compilers. In Read More...
Posted Tuesday, March 25, 2008 10:23 AM by MSDNMagazine | 0 Comments
Filed under: ,

Windows with C++: Windows Services Enhancements

Windows Vista and Windows Server 2008 bring some significant changes to services. Many of these features are focused on making it simpler to produce services that are more secure, but among the non-security-related service features are a few aimed at Read More...
Posted Friday, February 29, 2008 7:00 AM by MSDNMagazine | 1 Comments
Filed under: , ,

Office Space: Security Programming in SharePoint 2007

You may already know the fundamentals of security programming with Windows and ASP.NET security, but how well do you know the security layer that Windows SharePoint Services 3.0 (WSS) adds on top? In the February issue of MSDN Magazine , Ted Pattison Read More...
Posted Monday, February 11, 2008 7:00 AM by MSDNMagazine | 1 Comments
Filed under: , ,

Trustworthy Computing: Lessons learned so far

"Five years ago, Bill Gates issued a memo to all Microsoft employees explaining the importance of building more secure software. Since then, many people across Microsoft have worked to improve the security of their products. In doing so, we've learned Read More...
Posted Wednesday, October 31, 2007 7:00 AM by MSDNMagazine | 1 Comments
Filed under:

Creating a Custom Fuzz Test Interface Provider

These days, fuzzing is most frequently used to validate file and network parsers - literally piping a random source of binary data into the parser and then seeing what happens. In the November issue of MSDN Magazine, Dan Griffin takes a look at the extensibility Read More...
Posted Monday, October 29, 2007 7:00 AM by MSDNMagazine | 0 Comments

Code Reviews Help Find and Fix Vulnerabilities in Your Apps

Small coding errors can result in critical vulnerabilities that can compromise the security of not just entire systems, but even entire companies. Security vulnerabilities are not typically caused by a single error, but rather by a sequence of errors Read More...
Posted Friday, October 26, 2007 7:00 AM by MSDNMagazine | 1 Comments
Filed under: ,

Analyze Crashes to Find Security Vulnerabilities in Your Apps

How can you make sure a crash in your program is not exploitable? The short answer is simple: assume every crash is exploitable and just fix it! In the November issue of MSDN Magazine, Adel Abouchaev , Damien Hasse , Scott Lambert , and Greg Wroblewski Read More...
Posted Monday, October 22, 2007 7:00 AM by MSDNMagazine | 1 Comments
Filed under: ,

November 2007 MSDN Magazine now online

The November 2007 issue of MSDN Magazine is now available online at http://msdn.microsoft.com/msdnmag/issues/07/11/default.aspx . November brings our 2007 Security Issue, featuring a range of security related topics from code review best practices to Read More...
Posted Friday, October 12, 2007 12:00 PM by MSDNMagazine | 3 Comments

Foundations: Declarative WCF Security

In the August issue of MSDN Magazine, Juval Lowy presents a declarative security framework for Windows Communication Foundation (WCF) that makes security configuration closer to the simplicity you'll find in other aspects of WCF configuration. This declarative Read More...
Posted Friday, August 10, 2007 8:00 AM by MSDNMagazine | 0 Comments
 
Page view tracker