October 2009 - Posts
Cory at Matasano has a new blog post explaining “Ninja threat modeling.” Ninja threat modeling is Matasano’s approach to threat modeling as part of a penetration test. I’m really happy that they’ve given their approach a name. A few years back, we would
10/20/2009: Updated with correct CVE - thanks to Matthieu Suiche for pointing this out to me. Hi, Michael here. When I wrote the first analysis of why the SDL had missed a security vulnerability, I made a comment that I would continue to write these posts,
Hi everyone, Bryan here. Peleus Uhley, Senior Security Researcher at Adobe, has written a guest post for the BlueHat blog on potential security issues with cross-domain access permissions for web sites. I’d like to encourage you to read Peleus’ post and
Hi everyone, this is Eleanor Saitta with iSEC Partners, with a brief post about return on investment and structured security. A few weeks ago, Microsoft and iSEC Partners published a joint whitepaper titled, “Microsoft SDL: Return On Investment”, and