If you haven't already played with the Security Policy Analyser that shipped with WSE 3.0 - take a look. It rocks! Amongst other things it performs static validations to catch vulnerabilities such as:
- Use of test root certificates
- Leaving “detailed errors” configuration turned on
- Dictionary attack is possible where signature is not encrypted
- Credit-taking attacks are possible
And if you have played with it but got frustrated that you had to run it from the command line then we have great news. Pablo Galiano has implemented a version that uses GAT (guidance automation toolkit) to integrate this capability directly into Visual Studio!
For more information or to download a version of the tool join our workspace at http://practices.gotdotnet.com/projects/sopatterns
For more information on the actual basis for the tooling take a look at the Microsoft Research Samoa project at - http://research.microsoft.com/projects/samoa/. The analyser is one result of a lengthy investigation into establishing formal methods for specifying and verifying security goals of applications...