Crash Course: Analyze Crashes to Find Security Vulnerabilities in Your Apps

Glenn Block explains how the Managed Extensibility Framework, a new library coming in .NET Framework 4.0, tackles the longstanding issue of building applications and components that can be reused and extended by others. Learn how to build apps that can use new functionality introduced by developers, framework authors and third-party extenders.Glenn BlockMSDN Magazine February 2010

Many companies starting out with the SDL are doing so in combination with a security compliance program. We'll show you some best practices and pitfall we've seen when employing SDL principles for compliance.Brad HillMSDN Magazine February 2010

Many early adopters cloud platforms have questions about security. We review some of the cryptography services and providers in Windows Azure along with some security implications for applications in the cloud.Jonathan WiggsMSDN Magazine January 2010

Over the past few years, federated security models and claims-based access control have become increasingly popular. Platform tools in this area have also come a long way. Windows Identity Foundation (WIF) is a rich identity model framework designed for building claims-based applications and services and for supporting active and passive federated security scenarios.Michele Leroux BustamanteMSDN Magazine November 2009

This article is the third in a series about n-tier programming with the Entity Framework, specifically about building custom Web services with the Entity Framework and WCF. This article looks at features coming in the second release of the Entity Framework (EF4) and how you use them to implement the Self-Tracking Entities and Data Transfer Objects (DTOs) n-tier patterns.Daniel SimmonsMSDN Magazine November 2009

The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.Andrew DaiMSDN Magazine November 2009

This article reviews what makes XML vulnerable to denial of service attacks and how to mitigate these attacks.Bryan SullivanMSDN Magazine November 2009

This month, Howard Dierking explores the value of maintaining a few discrete technology interests in order to avoid being swept away in a sea of buzzwords and new technologies.Howard DierkingMSDN Magazine September 2009

This article explores the use of threat modeling to address security concerns in your applications.Michael HowardMSDN Magazine September 2009

Even if you use only the most secure algorithms and the longest key lengths, there's no guarantee that the code you write today will remain secure. A better alternative is to plan for agility from the beginning. Rather than hard-coding specific cryptographic algorithms into your code, use one of the crypto-agility features built into the Microsoft .NET Framework. This article shows you how.Bryan SullivanMSDN Magazine August 2009