Application Security Arena

Nimrod Luria Microsoft ACE Team

What to do When IIS MMC doesn't do the work

for example- if you want to use WCF and windows integarted security you will need to conifgure the...

Author: MSDN Archive Date: 05/21/2007

WCF Security References

WCF security http://msdn2.microsoft.com/en-us/library/ms732362.aspx WCF with x509...

Author: MSDN Archive Date: 05/20/2007

The Silverlight Security Model

Since the v1.1 release of Silverlight includes a slimmed down version of the CLR, you might be...

Author: MSDN Archive Date: 05/10/2007

Where is my private key ?

A lot of errors are coming up while working with X509. there is a lot of confusion of where do I...

Author: MSDN Archive Date: 03/19/2007

Developing Applications to Use Group Policy

are we at the time when IT pro's will start talking to the dev team about security ?it's seems like...

Author: MSDN Archive Date: 03/19/2007

How to report a bug for WCF, WF and .NET 3

you can effect the way that .NET 3.0 will be. you have three main spots where you can report a bug...

Author: MSDN Archive Date: 03/08/2007

Fundamental Computer Investigation Guide For Windows

http://www.microsoft.com/technet/security/guidance/disasterrecovery/computer_investigation/default.m...

Author: MSDN Archive Date: 03/08/2007

X509 specifications for those who need the low level info.

You might will be interest to read this RFC if you need to develop applications that need to handle...

Author: MSDN Archive Date: 03/06/2007

February 2007 CTP of Enterprise Library 3.0.

Includes a preview of the new Policy Injection Application Block, and release candidate of all other...

Author: MSDN Archive Date: 03/04/2007

WCF Supporting Tokens

The Supporting Tokens sample demonstrates how to add additional tokens to a message that uses...

Author: MSDN Archive Date: 03/04/2007

Migration path to WCF

From .NET Remoting to the Windows Communication Foundation (WCF)...

Author: MSDN Archive Date: 02/28/2007

how to get AlternativeName and UPN from X509 certificate

using X509NameType Enumeration you can extract all the fields from a x509 certificate. this enum is...

Author: MSDN Archive Date: 02/27/2007

more about ajax security

http://blogs.ittoolbox.com/security/dmorrill/archives/billy-hoffman-on-ajax-security-11141 some...

Author: MSDN Archive Date: 02/25/2007

defend - protect - detect - recover - manage !

in order to know how do detect and attack and protect you should first understand the attack ! a...

Author: MSDN Archive Date: 02/25/2007

Netmon 3 - Nmcap.exe

Network monitor 3.0 has a command line tool as well to capture traffic. You can use the ‘Nmcap.exe’...

Author: MSDN Archive Date: 02/25/2007

XSS and HTML injection attacks

just copy and paste to implement an XSS. sources can be found here : http://ha.ckers.org/xss.html

Author: MSDN Archive Date: 02/24/2007

S E C U R E Acrostic

Seamless The more integration work that has to be done to get a component to work, the more...

Author: MSDN Archive Date: 02/24/2007

Download Network monitor 3 Now !

Download Microsoft Network Monitor (netmon) 3.0 Microsoft Network Monitor 3.0 is a brand new...

Author: MSDN Archive Date: 02/24/2007

reflector 5

check out the new version of reflector here

Author: MSDN Archive Date: 02/24/2007

Guidance Explorer is here for security

Great tool from P&P that can help you to implement security issues in your code and servers. the...

Author: MSDN Archive Date: 02/24/2007

Welcome to my Blog

Hi, My Name is Nimrod Luria and I'm a consultant at the ACE team. at the next few days i will...

Author: MSDN Archive Date: 02/24/2007