Microsoft SDL Process Template is now available

Our Security Development Lifecycle (SDL) team has release a process template for Team Foundation Server 2008. Why is this important? Ask yourself, how secure is your application? Is security built into your application from the beginning or an afterthought? Are you properly protecting your application against SQL Injection? Buffer overflows? Poor exception handling? If you…

1

Free Book Download: Writing Secure Code for Windows Vista

Microsoft Press is celebrating 25 years of publishing books focused on helping people "take their skills and knowledge to the next level." With that celebration, they are offering a "Free e-Book of the Month" and this month, they are offering Michael Howard’s book, Writing Secure Code for Windows Vista. Michael Howard is one of Microsoft’s…

0

SQL Injection is on the Rise Again

Microsoft recently released a Security Advisory (954462) stating that web sites are being attacked via SQL Injection techniques. Most attacks typically try to exploit the operating system (IIS, SQL Server, Windows, Linux, Apache, etc.). SQL Injection’s goal is to attack the customer web application to gain access to a system, control an application’s data, and…

1