Regulatory Compliance: An Introduction to Compliance for Developers

With the ever increasing regulatory requirements for organizations, many of the applications we write may need to meet certain compliances.  Here is an interesting read for developers:  Regulatory Compliance Demystified: An Introduction to Compliance for Developers

SQL Server 2005 Security for Developers Webcast for on-demand viewing is available

The on-demand Webcast of SQL Server 2005 for Developers, conducted on March 22, 2006, by Rob Walters–Program Manager, SQL Server Security–and I, is now available for on-demand viewing. Post Notes from this Webcast can be found at my blog. Look forward to seeing everyone for next week webcast.


"Atlas" March CTP with Go Live license, now available

At MIX06, it was announced that the “Atlas” March CTP is now available and it has a Go Live license so you can take applications into production.  The atlas team also re-launched the with a new “Atlas” enabled experience, customer profiles, improved “Atlas” documentation and more.    Lastly, MIX06 kicked off the “Mash-it-up with ‘Atlas'”…

Regenerating Keys in SQL Server 2005

In my latest Webcast on SQL Server 2005 Security one of the questions that came up was: “If some fields of your table are encrypted and you are suspicious that the key has been revealed can you re-encrypt all the fields with the regenerated key”?  Currently, there is no easy way to manage a key…


Post Webcast’s Notes: Securing SQL Server 2005 for Developers

This morning was a jammed filled session covering off a lot of changes made to Microsoft SQL Server 2005.  Over the last few weeks we talk exclusively about Front End security issues such as Input trust and the creation of a Development and Design environment to better emulate your production environment.  However, today we switched…


realDEVELOPMENT_06 tour is Coming!

Earlier this week, MSDN Canada announced the realDEVELOPMENT_06 tour. realDEVELOPMENT_06 will feature two sets of sessions; one entitled, “Web Platform” and the other entitled, “Security on the Brain”. The Web Platform Sessions will feature talks on technologies that fall into the Web 2.0 camp. Specifically, we’ll examine Windows Live and ASP.NET “Atlas”. The Security on…

IOSEC and Anti-Cross Site Scripting Tool

Recently, Microsoft released the latest update to Anti-Cross Site Scripting tool which is part of a bigger plan known as the Microsoft IOSEC—an internal library.    The IOSEC library currently implements encoding protection against XSS attacks conducted through vectors such as HTML, URLs, JavaScript, HtmlAttributes and Visual Basic Script.  The Anti-Cross Site Scripting Library currently…

Code Scanning Tools’ WebCast for on-demand viewing is available

The on-demand version of the Visual Studio 2005 and Code Scanning Tools, conducted on March 15, 2006,by Kevin Lam and I, is now available for on-demand viewing. Look forward to seeing everyone for next week webcast.

Team Foundation Server Ships Tomorrow

You may not have heard it here first, but Rick LaPlante announced today, at SDWest 2006, that Microsoft is releasing Visual Studio 2005 Team Foundation Server tomorrow—March 17, 2006.  This was reported in Rob Carron’s blog.  Team Foundation Server should be available for download on MSDN within 3 – 5 days.


The New Beta Experience: This is really cool!!!

The Beta Experience is the new testing platform with tailor-made information for Microsoft developers. By registering to the Beta Experience you will be provided with the opportunity to download or order the latest Beta versions of Microsoft software for testing and the Beta Experience newsletter (6-weekly, terminated with the launch of the final version of the software)…