Welcome to MSDN Blogs Sign in | Join | Help

November 2009 - Posts

How to Configure WPL v1.0 SRE
RV here... With the release of Web Protection Library v1.0 (WPL) Security Runtime Engine (SRE) has been significantly updated. It now includes a SQL Injection Detection module which can detect certain attack vectors. It also include re-designed configuration Read More...
Posted: Wednesday, November 18, 2009 1:12 AM by cisg | 3 Comments
Filed under: , , , , , ,
How to Run CAT.NET 2.0 CTP
RV here... With the new build of CAT.NET available on connect.microsoft.com you must have noticed that the new version includes only a command line tool. We we will be releasing the Visual Studio rules as part of Beta1 release. So lets look at how we Read More...
Posted: Thursday, November 12, 2009 10:54 PM by cisg | 3 Comments
Filed under: , , , ,
WPL at SecurityBytes in India
If you want to come hear Anil Chintala (one of the developers on Anti-XSS) speak about the new WPL you can catch him at the OWASP / SecurityBytes conference in New Delhi later this week. http://www.securitybyte.org/   It’s being opened by the former Read More...
Posted: Wednesday, November 11, 2009 7:05 AM by cisg | 0 Comments
Some New Software Security Tools for Web Developers – (CTP Releases)
Curphey here…..(follow me on Twitter @curphey if you want the breaking news!) My wife keeps telling me I work too much. Maybe I do, maybe I don’t but if I do I am not alone. Some folks on my team have been doing some super-human stuff and we are ready Read More...
Posted: Wednesday, November 11, 2009 6:56 AM by cisg | 6 Comments
Forefront Identity Manager 2010 (FIM 2010) Data Cache
Hi, Syam Pinnaka here. I am a Sr. SDE on the Information Security Tools Team. In one of the recent projects there is a requirement to build an audit trail of “Group” object related activities in Forefront Identity Manager 2010 (FIM 2010). FIM provides Read More...
Posted: Monday, November 09, 2009 4:12 PM by cisg | 0 Comments
Filed under: , ,
Web Application Configuration Analyzer – WACA CTP Release Coming Soon
RV here... Last year we developed an internal tool to review servers for security configuration issues. Microsoft offers several enterprise options for doing this such as Systems Center Configuration Manager but the requirements were for a lightweight Read More...
Posted: Friday, November 06, 2009 5:26 PM by cisg | 0 Comments
Filed under: , , , , , , , ,
How To: Web Service Load Testing Using VSTS 2010
Syed Aslam Basha here. I am a tester on the Information Security Tools team. Apart from performance testing for web sites, I have done load testing on web services for many of our projects. I will show how to create a web test for web service using Visual Read More...
Posted: Wednesday, November 04, 2009 9:54 PM by cisg | 0 Comments
Filed under:
How To: Use Perfmon in Windows 7
Syed Aslam Basha here. I am a tester on the Information Security Tools team. This blog post is in continuation with How To: Identify Memory Leaks In An Unmanaged Application blog post. I will show how to setup perfmon to collect data for the selected Read More...
Posted: Wednesday, November 04, 2009 12:40 AM by cisg | 0 Comments
Filed under:
Double Hop Windows Authentication with IIS Hosted WCF Service
Hello, Randy Evans here.  I am a principal developer on the Information Security Tools Team.  In a recent project, we had a intranet web site that called an IIS hosted WCF service.  The WCF service, in turn, called a SQL Server Reporting Read More...
Posted: Wednesday, November 04, 2009 12:35 AM by cisg | 0 Comments
Filed under: , , , , , ,
Page view tracker