Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » CAT.NET   (RSS)
The CAT.NET 2.0 Configuration Analysis Engine
Maqbool Malik here… One of the most significant update to CAT.NET in v2.0 is the addition of a configuration engine. The goal of the engine is to identify insecure configuration at all layers of the application (configuration files, code level configuration, Read More...
Posted: Tuesday, December 01, 2009 7:41 PM by cisg | 0 Comments
Filed under: , , , , , ,
How to Run CAT.NET 2.0 CTP
RV here... With the new build of CAT.NET available on connect.microsoft.com you must have noticed that the new version includes only a command line tool. We we will be releasing the Visual Studio rules as part of Beta1 release. So lets look at how we Read More...
Posted: Thursday, November 12, 2009 10:54 PM by cisg | 3 Comments
Filed under: , , , ,
Web Application Configuration Analyzer – WACA CTP Release Coming Soon
RV here... Last year we developed an internal tool to review servers for security configuration issues. Microsoft offers several enterprise options for doing this such as Systems Center Configuration Manager but the requirements were for a lightweight Read More...
Posted: Friday, November 06, 2009 5:26 PM by cisg | 0 Comments
Filed under: , , , , , , , ,
Implementation Ideas for the CAT.NET 2.0 Tainted Variable Analysis Algorithm
Andreas Fuchsberger here….. Within the Information Security Tools Group we are now really getting into a redesign of our popular Code Analysis Tool for .NET (CAT.NET). One of the biggest challenges we have is to redesign the engine so that it no longer Read More...
Posted: Wednesday, July 08, 2009 9:08 PM by cisg | 0 Comments
Filed under: , , , ,
Some Interesting Posts
Mark Curphey here......( @curphey on Twitter) There is a stack of new interesting videos and posts related to the software security tools we build that I found this week. Ben Livshits video on the architecture of CAT.NET here RV talking about TAM 3.0 Read More...
Posted: Friday, July 03, 2009 11:36 AM by cisg | 0 Comments
Filed under: , ,
New Build of CAT.NET (Version - 1.1.1.9) – Please Upgrade
Syed Aslam Basha here…..I am a tester on the Information Security Tools team. There is a new build of CAT.NET Version 1.1.1.9 now available for download on MSDN ( 32 bit here and 64 bit here ). We recommend *ALL* users upgrade to this latest release, Read More...
Posted: Saturday, June 27, 2009 9:51 AM by cisg | 3 Comments
Filed under: , ,
What’s Coming from the Information Security Tools Team
Mark Curphey here (Follow me using @curphey on Twitter ). June is a busy time of year around MSFT. For most teams you have a pretty good idea about your budget for the next year (July – July) and the end of year performance review cycle kicks in. You Read More...
Posted: Thursday, June 04, 2009 10:11 AM by cisg | 1 Comments
Filed under: , , , , , , ,
Running CAT.NET as a Custom MSBuild Task
Syed Aslam Basha here. I am a tester on the Information Security Tools team and responsible for testing CAT.NET. You can run CAT.NET as; A Visual studio add-in From Command prompt As an FXCop rule Lastly, integrated into VSTF Team build as an MSBuild Read More...
Posted: Monday, June 01, 2009 12:41 PM by cisg | 1 Comments
Filed under: ,
CAT.NET – How Big Do Your Project Files Grow ?
We are planning a complete re-write of the core CAT.NET engine starting July 1st to get a scalable engine from which we can build on. Building graphs from code is “expensive” hence the OOM issues with the current version. We do it all in memory.. doh! Read More...
Posted: Wednesday, May 20, 2009 2:06 PM by cisg | 4 Comments
Filed under: ,
Page view tracker