Security Briefs: Protect Your Site With URL Rewriting

ASP.NET 4.0 and Visual Studio 2010 Beta 2 was released to MSDN Subscribers earlier this week.

General availability is scheduled for tomorrow !

Read the announcement [ HERE ] with an overview about the new SKUs and features or go straight to the download [ HERE ].

Check out the new look !!!!

Many companies starting out with the SDL are doing so in combination with a security compliance program. We'll show you some best practices and pitfall we've seen when employing SDL principles for compliance.Brad HillMSDN Magazine February 2010

Many early adopters cloud platforms have questions about security. We review some of the cryptography services and providers in Windows Azure along with some security implications for applications in the cloud.Jonathan WiggsMSDN Magazine January 2010

The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.Andrew DaiMSDN Magazine November 2009

This article reviews what makes XML vulnerable to denial of service attacks and how to mitigate these attacks.Bryan SullivanMSDN Magazine November 2009

This article explores the use of threat modeling to address security concerns in your applications.Michael HowardMSDN Magazine September 2009

Even if you use only the most secure algorithms and the longest key lengths, there's no guarantee that the code you write today will remain secure. A better alternative is to plan for agility from the beginning. Rather than hard-coding specific cryptographic algorithms into your code, use one of the crypto-agility features built into the Microsoft .NET Framework. This article shows you how.Bryan SullivanMSDN Magazine August 2009

Listen in on a chat between a developer and security pro that delves into some of the major Security Development Lifecycle (SDL) requirements we impose on product teams here at MicrosoftMichael HowardMSDN Magazine May 2009

A Security Token Service, or STS, acts as a security gateway to authenticate callers and issue security tokens carrying claims that describe the caller. See how you can build a custom STS with the "Geneva" Framework.Michele Leroux BustamanteMSDN Magazine January 2009

The Security Development Lifecycle (SDL) threat modeling tool helps you develop great threat models as a backbone of your security process. We'll show you how it works.Adam ShostackMSDN Magazine January 2009