Welcome to MSDN Blogs Sign in | Join | Help

August 2009 - Posts

Application Health Monitoring (in ASP.NET 2.0 and above)
Vineet Batta here, A little known but excellent features of ASP.NET is it’s ability to give support teams the ability to monitor the health of ASP.NET applications. In this article I will dwell on out of box features. No custom classes or code to be written. Read More...
Posted: Friday, August 28, 2009 10:19 PM by cisg | 0 Comments
Filed under: , , , , ,
Hash Functions in .NET – Right Tool for the Right Job
Hi, Ch etan Bhat here. I’m a developer with the Security Tools Team. In this post I will talk about common mistakes developers make when when using hash functions. Any hash function is required to meet the following two requirements. It must be easy to Read More...
Posted: Thursday, August 27, 2009 7:52 PM by cisg | 0 Comments
Filed under: ,
How to Manage a Product Backlog with Visual Studio Team System 2008
Hi this is Marius Grigoriu, Program Manager of Risk Tracker and our BI system--which will both be introduced at a later time. Today I am going to share how I track and manage projects and requirements. Both my teams are Agile teams and use product backlogs Read More...
Posted: Wednesday, August 26, 2009 12:22 AM by cisg | 0 Comments
Filed under: ,
Encoding Cascading Style Sheet Strings
RV here... Cascading Style Sheets provide developers ways to change the UI theme of a website and this provides many opportunities for malicious users to change the UI if the application uses dynamic data inside style tags or in HTML style attributes. Read More...
Posted: Friday, August 21, 2009 9:36 PM by cisg | 0 Comments
Filed under: , , , , , ,
Automating Windows Firewall Settings with C#
Hi Vamsy here. I am a Developer in Information Security Tools Team. I have done some work on automating Windows Firewall settings using C# and wanted to share what I learnt. In this post, I am going to demonstrate how to programmatically access the following Read More...
Posted: Friday, August 21, 2009 9:34 PM by cisg | 1 Comments
Filed under: , ,
LDAP Injection and Mitigation
RV here... The Lightweight Directory Access Protocol (LDAP) API provides a mechanism for connecting to, searching, and modifying internet directories. A LDAP (Lightweight Directory Access Protocol) injection attack exploits vulnerabilities in input validation Read More...
Posted: Tuesday, August 11, 2009 12:06 AM by cisg | 2 Comments
Filed under: , ,
Automate Security Management for VSTF Source Control
Kathy Shieh here. I am the dev lead for the Information Security Tools team in the US. Visual Studio Team Foundation server (VSTF)  provides a pretty good GUI interface for security management. Within the VSTF UI you can create custom roles, manage Read More...
Posted: Wednesday, August 05, 2009 3:00 AM by cisg | 0 Comments
Filed under: ,
SSL Redirect – Http Module
Vineet  Batta here again… Some time back one of our applications was released into production and since the application data was HBI  we were required to protect data both in a rest and a transit. For transit we enabled SSL, that is the link Read More...
Posted: Monday, August 03, 2009 6:00 PM by cisg | 1 Comments
Filed under: , , , ,
Application Portfolio Management (APM)
Vineet Batta here….This is a short introduction to the Application Portfolio Management (APM) component of the Connected Information Security Framework or CISF that we hope to reach the CTP milestone in next 2-3 weeks.  The APM component is designed Read More...
Posted: Monday, August 03, 2009 5:44 AM by cisg | 0 Comments
Filed under: , , ,
Object.GetHashCode()
Gaurav Sharma here, I’m a developer with the Information Security Tools team. Today I want to share something about FCL’s GetHashCode method. System.Object provides a virtual GetHashCode method so that an Int32 hash code can be obtained for any and all Read More...
Posted: Sunday, August 02, 2009 4:20 AM by cisg | 1 Comments
Filed under:
Page view tracker