June 2008 - Posts
Hi, this week is a post from Michael Howard and Laura Machado de Wright, who both attended and presented at TechEd 2008 in Orlando the week of June 2 nd . First up is Laura. I have been a Security Program Manager for the last 3 years, working as a security
Read More...
Bryan here. A couple of weeks ago, I posted a blog entry with links to SQL injection defense guidelines. The SDL requires guidance and education for end-users, and tools to verify security settings are highly recommended, as defined in " Stage 5: Implementation
Read More...
Adam Shostack here. I wanted to share my slides from the recent Layer One conference [link], where I talked about "SDL Threat Modeling: Past, Present and Future." There are a few points that I wanted to emphasize. The first is that I'm talking
Read More...
Hi, Michael here. In a previous post I explained how to use HeapSetInformation correctly. In short there's an option when calling this function that will terminate your application if the heap manager detects some form of heap corruption, or the potential
Read More...
