Security Tools

Microsoft Security Bulletin MS12-007– Vulnerability in AntiXSS Library Could Allow Information Disclosure

Today sees the release of AntiXSS v4.2 in order to address MS12-007. As AntiXSS is a developer tool...

Author: cisg Date: 01/10/2012

CAT.NET and our fiscal year end

At this point in time we are accepting recommendations, suggestions and new features.  However,...

Author: cisg Date: 04/11/2011

CAT.NET Update – Long Overdue

Frank Brisse here… I wanted to provide an update to the CAT.NET project since it’s been a while...

Author: cisg Date: 02/21/2011

AntiXSS 4.0 Released

AntiXSS 4.0 has been released and is available from...

Author: cisg Date: 09/30/2010

How to View a Report in WACA?

Web Application Configuration Analyzer v1.0 is the latest tool released by our team that scans a...

Author: cisg Date: 09/24/2010

How to Scan a Server using WACA?

Web Application Configuration Analyzer v1.0 is the latest tool released by our team that scans a...

Author: cisg Date: 09/24/2010

Web Application Configuration Analyzer v1.0 RTW is live!

I am excited to announce the release of Web Application Configuration Analyzer v1.0 tool. The...

Author: cisg Date: 09/20/2010

CAT.NET v2.0 Update

  Frank Brisse here… I wanted to provide an update on CAT.NET v2.0.  We were looking to...

Author: cisg Date: 06/29/2010

The May 2010 Security Runtime Engine Preview is now available on CodePlex

The WPL site on CodePlex now has the May CTP code only release for the Web Protection Library and a...

Author: cisg Date: 05/27/2010

Farewell from Mark Curphey & Please Help Me Fight Blood Cancer

Mark Curphey here….. It is with some degree of sadness that I have to hang up my spurs from this...

Author: cisg Date: 03/29/2010

The Web Protection Library – plans and processes.

First off let me introduce myself; my name is Barry Dorrans, I’m a recent transplant from the UK and...

Author: cisg Date: 03/24/2010

Silverlight 3.0 Datagrid - How to change a cell state?

Hi Syam Pinnaka, Sr. SDE in Infosec tools team. Silverlight 3.0 datagrid can be used to bind to any...

Author: cisg Date: 02/12/2010

How To: Use CAT.NET 2.0 Beta

Syed Aslam Basha here. I am a tester on the Information Security Tools Team responsible for testing...

Author: cisg Date: 02/05/2010

How To: Use CAT.NET V2.0 Beta

Syed Aslam Basha here. I am a tester on the Information Security Tools Team responsible for testing...

Author: cisg Date: 02/04/2010

CAT.NET 2.0 - Beta

Mark Curphey here… Please to announce a beta of the upcoming CAT.NET 2.0. This beta program will...

Author: cisg Date: 02/03/2010

How To: View The Header of an EXE/DLL

Syed Aslam Basha here. I am a tester on the Information Security Tools Team. At times we may want to...

Author: cisg Date: 01/28/2010

Delay Between Actions Feature in CUIT

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. The CUIT code is...

Author: cisg Date: 01/18/2010

How To: Data Drive CUIT Scripts

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. One of the major...

Author: cisg Date: 01/18/2010

How To: Customize CUIT scripts

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. In the previous...

Author: cisg Date: 01/18/2010

How Do I: Configure Runtime Version

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. At times I need...

Author: cisg Date: 01/15/2010

How To: Add Assertions in Coded UI Tests

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. As continuation...

Author: cisg Date: 01/15/2010

How To: Functional Testing Automation Using Visual Studio 2010

Syed Aslam Basha here. I am a tester on  the Information Security Tools Team. I want to share...

Author: cisg Date: 01/14/2010

One Story At A Time

Hey everyone, this is Marius Grigoriu, PM leading the Risk Tracker and Security BI projects and...

Author: cisg Date: 01/05/2010

WCF Authorization with Custom Principal

Hi, I am Syam Pinnaka, Sr. SDE in InfoSec tools team. In AuthZ component of CISF, we have a...

Author: cisg Date: 01/04/2010

What’s happening with CAT.NET 2.0?

RV here... Our pre alpha release included a command line tool showcasing newer version of CAT.NET...

Author: cisg Date: 12/30/2009

How To: Use CAT.NET V2.0 CTP

Syed Aslam Basha here. I am a tester on the Information Security Tools team responsible for testing...

Author: cisg Date: 12/30/2009

How To: Turn off Strong Name Validation

Syed Aslam Basha here. I am a tester on the Information Security Tools team. In one of my ...

Author: cisg Date: 12/30/2009

WCF Security – Impersonation

Hi, Gaurav Sharma here, I’m a developer with the Information Security Tools (IST) team. In today’s...

Author: cisg Date: 12/30/2009

The CAT.NET 2.0 Configuration Analysis Engine

Maqbool Malik here… One of the most significant update to CAT.NET in v2.0 is the addition of a...

Author: cisg Date: 12/01/2009

How to Configure WPL v1.0 SRE

RV here... With the release of Web Protection Library v1.0 (WPL) Security Runtime Engine (SRE) has...

Author: cisg Date: 11/17/2009

How to Run CAT.NET 2.0 CTP

RV here... With the new build of CAT.NET available on connect.microsoft.com you must have noticed...

Author: cisg Date: 11/12/2009

WPL at SecurityBytes in India

If you want to come hear Anil Chintala (one of the developers on Anti-XSS) speak about the new WPL...

Author: cisg Date: 11/10/2009

Some New Software Security Tools for Web Developers – (CTP Releases)

Curphey here…..(follow me on Twitter @curphey if you want the breaking news!) My wife keeps telling...

Author: cisg Date: 11/10/2009

Forefront Identity Manager 2010 (FIM 2010) Data Cache

Hi, Syam Pinnaka here. I am a Sr. SDE on the Information Security Tools Team. In one of the recent...

Author: cisg Date: 11/09/2009

Web Application Configuration Analyzer – WACA CTP Release Coming Soon

RV here... Last year we developed an internal tool to review servers for security configuration...

Author: cisg Date: 11/06/2009

How To: Web Service Load Testing Using VSTS 2010

Syed Aslam Basha here. I am a tester on the Information Security Tools team. Apart from performance...

Author: cisg Date: 11/04/2009

How To: Use Perfmon in Windows 7

Syed Aslam Basha here. I am a tester on the Information Security Tools team. This blog post is in...

Author: cisg Date: 11/03/2009

Double Hop Windows Authentication with IIS Hosted WCF Service

Hello, Randy Evans here.  I am a principal developer on the Information Security Tools...

Author: cisg Date: 11/03/2009

Normal Service Will Resume Soon

The coding fairies are been busy crafting code. Blogging (and maybe even Tweeting if there is a...

Author: cisg Date: 10/28/2009

How To: Use VSTS Code Profiler

Syed Aslam Basha here. I am a tester on the Information Security Tools team. This blog post is in...

Author: cisg Date: 10/28/2009

Web Protection Library – CTP Release Coming Soon

RV here... Over the last couple of months we have been actively developing the next version of...

Author: cisg Date: 10/17/2009

How to Integrate Risk Tracker with Internal HR Feeds

Hi, Vineet Batta here. I’m a senior software developer on the Information Security Tools (IST) team....

Author: cisg Date: 09/30/2009

InfoPath Forms submission to a SharePoint Library – Part 2

Hi, Aravindhan Rajagopal here. I am a developer on the Information Security Tools team. This post...

Author: cisg Date: 09/29/2009

InfoPath Forms submission to a SharePoint library – Part 1

Hi, Aravindhan Rajagopal here. I am a developer on the Information Security Tools team. In this...

Author: cisg Date: 09/29/2009

C# Generics

Hello, I am Syam Pinnaka, I am a developer in Infosec tools team. In this blog post lets recap some...

Author: cisg Date: 09/29/2009

SQL Server 2008 Security - Policy Example

Hi, Gaurav Sharma here, I’m a developer with the Information Security Tools (IST) team. A few months...

Author: cisg Date: 09/29/2009

Risk Tracker v1.0 Release

Hi, Vineet Batta here. I’m a senior software developer on the Information Security Tools (IST) team....

Author: cisg Date: 09/29/2009

Dynamically Load Web Controls at Run Time

Hi, Randy Evans here. I’m a principal developer on the Information Security Tools team. On one of...

Author: cisg Date: 09/25/2009

Anti-XSS Library v3.1 Released!

The Microsoft Information Security Tools (IST) team has released the latest Microsoft Anti-Cross...

Author: cisg Date: 09/17/2009

Introducing the Connected Information Security Framework and Risk Tracker

The Microsoft Information Security Tools (IST) team has released the Connected Information Security...

Author: cisg Date: 09/16/2009

Next>