Features of Web Protection Library v1.0

Syed Aslam Basha here from the Information Security Tools team. WPL v1.0 has got the following features: AntiXSS library (It has got deprecated methods of AntiXSS) Encoder Library (It has got AntiXSS methods provided in the new namespace) Security runtime engine (SRE) configuration editor SRE modules Cross-site scripting protection module SQL injection partial protection module For…

2

How To: Configure your application to use WPL – SRE modules

Syed Aslam Basha here from the Information Security Tools team. In order to use security runtime engine (SRE) in your application, you need to configure web.config. Currently SRE has got two modules, cross-site scripting protection module and SQL injection partial protection module. Launch security runtime engine configuration editor from start – >  All programs –>…


Protecting your websites against SQL injection using web protection library v1.0

Syed Aslam Basha here from the Information Security Tools team. Apart from Cross-site scripting (XSS) protection/detection Web protection library (WPL) has security runtime engine (SRE) – http module to protect/detect from SQL injection attacks as well. SQL Library is available as a supplemental library setup, you can install it during installation of WPL. Otherwise you…

2

New Security Tools – CTP Releases!

Syed Aslam Basha here from the Information Security Tools team. CAT.NET v2.0 CTP – CAT.NET is totally revamped and it uses phoenix compiler infrastructure. Currently, the CAT.NET v2.0 CTP has: · New core data flow analysis engine based on Phoenix · New configuration rules engine · Command line interface WPL v1.0 CTP – WPL mitigate…