Security Guidance: Security Development Lifecycle (SDL) – Version 4.1a

As part of its commitment to a more secure and trustworthy computing ecosystem, Microsoft releases the SDL process guidance 4.1a. IT policy makers and software development organizations can leverage this content to enhance and inform their own software security and privacy assurance programs. The Microsoft Security Development Lifecycle Process Guidance 4.1a includes SDL for Agile…


Responsiveness: Web Applications Warm-Up

IIS Application Warm-Up for IIS 7.5 enables IT Professionals to improve the responsiveness of their Web sites by loading the Web applications before the first request arrives. By proactively loading and initializing all the dependencies such as database connections, compilation of ASP.NET code, and loading of modules, IT Professionals can ensure their Web sites are…


Web Building and Hosting with Microsoft Web Platform

Get more than just a complete stack: get a complete, interoperable Platform that combines a rich and powerful web application framework with a supporting cast of tools, servers, and technologies including a complete eco-system of products, technologies, communities, and partners, working together, to help you succeed on the Web. Large or small, blog or the…


Revenue Assurance: Search Engine Optimization (SEO) Toolkit Beta

The IIS Search Engine Optimization (SEO) Toolkit is an IIS7 extension that helps identify search engine and user experience optimizations for Web sites. The following features are included: Site Intelligence Reporting and error identification for broken/invalid links, duplicate content, tag validation, etc. Visibility into user routes, referring pages and other patterns Drilldown into page resource…


Security Testing: MiniFuzz File Fuzzer

MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected application behaviors. Because fuzzing is effective at finding bugs, it…


Security Verification: BinScope Binary Analyzer

The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.  BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place. BinScope also reports on…


Desktop Deployment: a Toolkit for Operating System and Application Deployment Just Released

Microsoft Deployment Toolkit 2010 (MDT 2010) provides a common console with the comprehensive tools and guidance needed to efficiently manage deployment of Windows 7 and Windows Server 2008 R2. Microsoft Deployment Toolkit 2010 is the recommended process and toolset to automate desktop and server deployment. Microsoft Deployment Toolkit 2010 provides detailed guidance and job aids…


Doloto: The Power of AJAX without Its Headaches (a Microsoft Research Project)

Doloto is an AJAX application optimization tool, especially useful for large and complex Web 2.0 applications that contain a lot of code, such as Bing Maps, Hotmail, etc. Doloto analyzes AJAX application workloads and automatically performs code splitting of existing large Web 2.0 applications. After being processed by Doloto, an application will initially transfer only…


IT Governance: Microsoft Operations Framework 4.0

Microsoft Operations Framework (MOF) 4.0 delivers practical guidance for everyday IT practices and activities, helping users establish and implement reliable, cost-effective IT services. It encompasses the entire IT lifecycle by integrating: Community-generated processes for planning, delivering, operating, and managing IT. Governance, risk, and compliance activities. Management reviews. Microsoft Solutions Framework (MSF) best practices. Get the…


Acceptance Test Engineering Guide, Beta 2

How to decide if software is ready for you and your customers. The authors are looking forward to your feedback. Get this beta