TechNet Webcast: Configuring with Least Privilege in SQL Server 2008

I recently presented a TechNet Webcast on the topic “Configuring with Least Privilege in SQL Server 2008”. The topics covered in the Webcast are:- 1. Configuring SQL Server service accounts with least privilege. Service isolation is also explained. 2. Configuring accounts connecting to SQL Server from a Web application (Principals) with least privilege. 3. Running…

0

Catch the security flaw #6

If you can find the security issue with this piece of code, write about it by adding a comment to this blog post. This is the scenario:- 1. There is a Web site that allows end users to upload their pictures. 2. On the Web server, the Web site is physically located at C:\Inetpub\wwwroot\sampleapp, which…

7

Virtual techdays: Top 5 Web Application security bugs in custom code

Microsoft Virtual TechDays is starting from the 18th February 09. In the security track, I will be presenting on the topic “Top 5 Web Application Security bugs in custom code”. As a security engineer in the ACE Team, I have been reviewing line-of-business applications for the past two years. In this presentation, I will talk…

1