Applying Microsoft SDL Implementation Practices within Windows Azure | TechNet Video

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to buildin...  Read more

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to building Windows Azure application. He starts first by defining both the similarities and key differences between implementation of on-premises solutions and Windows Azure-based applications. Following the theme of Peter’s previous theory video, Peter dives into specific tools that can be of use to secure implementation of applications on Windows Azure, including Checkmarx, Coverity and Veracode. The conversation then moves to properly implementing defenses against usual web threats (SQL injection, XSS, authentication, etc.) in the Windows Azure web applications.

Run Time:33:08

Uploaded:01/18/2011

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/da4120e6-7f4a-4d5f-a324-049150a713dd.mp4" width="800px" height="600px"></embed>

SDL Videos

Page1of 5
00:33:08

Applying Microsoft SDL Implementation Practices within Windows Azure | TechNet Video

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to buildin... Read more

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to building Windows Azure application. He starts first by defining both the similarities and key differences between implementation of on-premises solutions and Windows Azure-based applications. Following the theme of Peter’s previous theory video, Peter dives into specific tools that can be of use to secure implementation of applications on Windows Azure, including Checkmarx, Coverity and Veracode. The conversation then moves to properly implementing defenses against usual web threats (SQL injection, XSS, authentication, etc.) in the Windows Azure web applications.

Run Time:33:08

Uploaded:1/18/2011

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/da4120e6-7f4a-4d5f-a324-049150a713dd.mp4" width="800px" height="600px"></embed>

Applying Microsoft SDL Implementation Practices within Windows Azure | TechNet Video

Applying Microsoft SDL Implementation Practices within Windows Azure | TechNet Video

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to buildin... Read more

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, explains how the Implementation phase of the Microsoft SDL applies to building Windows Azure application. He starts first by defining both the similarities and key differences between implementation of on-premises solutions and Windows Azure-based applications. Following the theme of Peter’s previous theory video, Peter dives into specific tools that can be of use to secure implementation of applications on Windows Azure, including Checkmarx, Coverity and Veracode. The conversation then moves to properly implementing defenses against usual web threats (SQL injection, XSS, authentication, etc.) in the Windows Azure web applications.

Run Time:33:08

Uploaded:1/18/2011

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/da4120e6-7f4a-4d5f-a324-049150a713dd.mp4" width="800px" height="600px"></embed>

01/18/2011
00:08:04

Applying Microsoft SDL Release Practices within Windows Azure | TechNet Video

In this video, Jason Glassberg, Co-Founder, Casaba, speaks about the Release phase of the Microsoft SDL and how to apply the Microsoft SDL release pha... Read more

In this video, Jason Glassberg, Co-Founder, Casaba, speaks about the Release phase of the Microsoft SDL and how to apply the Microsoft SDL release phase practices to applications built on top of Windows Azure. Jason explains that the Microsoft SDL can apply to any cloud-based deployment, but focuses on Windows Azure, explaining that the steps are very similar to a typical on-premises application (File an Incident Response Plan, Perform a Final Security Review and Release Archive). In Azure, the importance of understanding of the platform is doubly-important in preparing an Incident Response Plan because rollback and stopping of deployment is vastly simpler than in on-premises or full-platform hosted deployment. Because Azure makes it so simple to deploy applications, Jason emphasizes the importance of reviewing the deployment and securing deployment-related artifacts such as management accounts, access to Service Management API and SSL certificates used by applications.

Run Time:08:04

Uploaded:01/18/2011

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/659f8a4a-254e-4917-b072-209c2a681e05.mp4" width="800px" height="600px"></embed>

Applying Microsoft SDL Release Practices within Windows Azure | TechNet Video

Applying Microsoft SDL Release Practices within Windows Azure | TechNet Video

In this video, Jason Glassberg, Co-Founder, Casaba, speaks about the Release phase of the Microsoft SDL and how to apply the Microsoft SDL release pha... Read more

In this video, Jason Glassberg, Co-Founder, Casaba, speaks about the Release phase of the Microsoft SDL and how to apply the Microsoft SDL release phase practices to applications built on top of Windows Azure. Jason explains that the Microsoft SDL can apply to any cloud-based deployment, but focuses on Windows Azure, explaining that the steps are very similar to a typical on-premises application (File an Incident Response Plan, Perform a Final Security Review and Release Archive). In Azure, the importance of understanding of the platform is doubly-important in preparing an Incident Response Plan because rollback and stopping of deployment is vastly simpler than in on-premises or full-platform hosted deployment. Because Azure makes it so simple to deploy applications, Jason emphasizes the importance of reviewing the deployment and securing deployment-related artifacts such as management accounts, access to Service Management API and SSL certificates used by applications.

Run Time:08:04

Uploaded:01/18/2011

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/659f8a4a-254e-4917-b072-209c2a681e05.mp4" width="800px" height="600px"></embed>

01/18/2011
00:06:17

Microsoft SDL Release Phase: Security Practices | TechNet Video

In this video, Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about the p... Read more

In this video, Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about the planning for post-release contingencies by creating a well thought-out incident response plan, then stresses the importance of the application of a Final Security Review, its outcomes and mitigation of any outstanding issues. Finally he discusses the archiving of all pertinent information and data to allow for post-release servicing of the software.

Run Time:06:17 

Uploaded:01/18/2011

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/70e1fc18-c60e-4734-a02c-6becae66750c.mp4" width="800px" height="600px"></embed>

Microsoft SDL Release Phase: Security Practices | TechNet Video

Microsoft SDL Release Phase: Security Practices | TechNet Video

In this video, Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about the p... Read more

In this video, Jason Glassberg, Co-Founder, Casaba, discusses the three security practices of the Microsoft SDL Release phase. Jason talks about the planning for post-release contingencies by creating a well thought-out incident response plan, then stresses the importance of the application of a Final Security Review, its outcomes and mitigation of any outstanding issues. Finally he discusses the archiving of all pertinent information and data to allow for post-release servicing of the software.

Run Time:06:17 

Uploaded:01/18/2011

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/70e1fc18-c60e-4734-a02c-6becae66750c.mp4" width="800px" height="600px"></embed>

01/18/2011
00:36:37

Microsoft SDL Implementation Phase: Security Practices

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, discusses the implementation security practices of the “Implementation” phase...     Read more

    In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, discusses the implementation security practices of the “Implementation” phase of the Microsoft SDL. Peter uses the definition of what makes secure code as a point of departure, explaining then the benefits of the ease and repeatability the Microsoft SDL process brings to creation of such code. Peter then covers importance of proper usage of tools that are used during the Implementation Phase and dives into discussion of IDEs, compilers, parsers, linkers and static analysis applications.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL Microsoft Security Development Lifecycle Security Talk Series Webcast Check out Windows Azure Subscriptions

Run Time:36:37

Uploaded:12/15/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/896e9074-b9f5-4b45-8b3e-15ca311468b3.mp4" width="800px" height="600px"></embed>

Microsoft SDL Implementation Phase: Security Practices

Microsoft SDL Implementation Phase: Security Practices

In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, discusses the implementation security practices of the “Implementation” phase...     Read more

    In this video, Peter Oehlert, Senior Security Consultant, iSEC Partners, discusses the implementation security practices of the “Implementation” phase of the Microsoft SDL. Peter uses the definition of what makes secure code as a point of departure, explaining then the benefits of the ease and repeatability the Microsoft SDL process brings to creation of such code. Peter then covers importance of proper usage of tools that are used during the Implementation Phase and dives into discussion of IDEs, compilers, parsers, linkers and static analysis applications.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL Microsoft Security Development Lifecycle Security Talk Series Webcast Check out Windows Azure Subscriptions

Run Time:36:37

Uploaded:12/15/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/896e9074-b9f5-4b45-8b3e-15ca311468b3.mp4" width="800px" height="600px"></embed>

12/15/2010
00:21:44

Microsoft SDL Verification Phase: Security Practices

In this video, Aviram Jenik, CEO, Beyond Security, talks about processes that help build secure systems, focusing on the Verification phase of the Mic...Read more

In this video, Aviram Jenik, CEO, Beyond Security, talks about processes that help build secure systems, focusing on the Verification phase of the Microsoft Security Development Lifecycle. Aviram discusses the concept of “black box” testing, explains the importance of testing data entry endpoints with good, bad and fuzzed input, and points to the tools that can assist with these tasks. On a practical side, Aviram shows a detailed demo of “JPG fuzzing”, generating malformed images, and identifying vulnerabilities in image processing application.

Run Time:21:44

Uploaded:12/15/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/20dc31dc-72c0-497e-a83d-4773b38bb52f.mp4" width="800px" height="600px"></embed>

Microsoft SDL Verification Phase: Security Practices

Microsoft SDL Verification Phase: Security Practices

In this video, Aviram Jenik, CEO, Beyond Security, talks about processes that help build secure systems, focusing on the Verification phase of the Mic...Read more

In this video, Aviram Jenik, CEO, Beyond Security, talks about processes that help build secure systems, focusing on the Verification phase of the Microsoft Security Development Lifecycle. Aviram discusses the concept of “black box” testing, explains the importance of testing data entry endpoints with good, bad and fuzzed input, and points to the tools that can assist with these tasks. On a practical side, Aviram shows a detailed demo of “JPG fuzzing”, generating malformed images, and identifying vulnerabilities in image processing application.

Run Time:21:44

Uploaded:12/15/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/20dc31dc-72c0-497e-a83d-4773b38bb52f.mp4" width="800px" height="600px"></embed>

12/15/2010
00:17:07

Applying Microsoft SDL Requirements Practices within Windows Azure

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about applying Microsoft SDL Requirements s...  Read more

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about applying Microsoft SDL Requirements security practices to applications built on top of Windows Azure, focusing on the “Requirements” phase. Chris and Robert stress the similarities of Windows Azure applications to regular web applications, explaining that you won’t be operating in an entirely new environment, talk about decreased need to focus on infrastructure and platform and increased focus on securing the application layer. The presenters explain the similarities and differences in planning for security and privacy when deploying to Windows Azure, and explain how to map the existing and new risks to the cloud-based environment.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL http://go.microsoft.com/?linkid=9708425 Whitepaper: Security Best Practices for Developing Windows Azure Applications http://go.microsoft.com/?linkid=9751872 Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl Security Talk Series webcasts www.microsoft.com/events/series/securitytalk Check out Windows Azure Subscriptions bit.ly/AzurePromo

Run Time:17:07

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/11945b56-0c91-4ccf-b09a-fda88fa6be4e.mp4" width="800px" height="600px"></embed>

Applying Microsoft SDL Requirements Practices within Windows Azure

Applying Microsoft SDL Requirements Practices within Windows Azure

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about applying Microsoft SDL Requirements s...  Read more

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about applying Microsoft SDL Requirements security practices to applications built on top of Windows Azure, focusing on the “Requirements” phase. Chris and Robert stress the similarities of Windows Azure applications to regular web applications, explaining that you won’t be operating in an entirely new environment, talk about decreased need to focus on infrastructure and platform and increased focus on securing the application layer. The presenters explain the similarities and differences in planning for security and privacy when deploying to Windows Azure, and explain how to map the existing and new risks to the cloud-based environment.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL http://go.microsoft.com/?linkid=9708425 Whitepaper: Security Best Practices for Developing Windows Azure Applications http://go.microsoft.com/?linkid=9751872 Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl Security Talk Series webcasts www.microsoft.com/events/series/securitytalk Check out Windows Azure Subscriptions bit.ly/AzurePromo

Run Time:17:07

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/11945b56-0c91-4ccf-b09a-fda88fa6be4e.mp4" width="800px" height="600px"></embed>

12/14/2010
00:18:43

Applying Microsoft SDL Verification Practices within Windows Azure

In this video, Aviram Jenik, CEO, Beyond Security, talks about applying Microsoft SDL to applications built on top of Windows Azure applications, focu...             Read more

In this video, Aviram Jenik, CEO, Beyond Security, talks about applying Microsoft SDL to applications built on top of Windows Azure applications, focusing on the Verification phase of the Microsoft Security Development Lifecycle. Aviram explains how “black box” testing concept is increasingly relevant in the world of cloud-based applications, mentions classic user input attacks such as SQL injection and Cross Site Scripting (XSS), and enumerates different inputs that should be focused on with Windows Azure-based applications.

Run Time:18:43

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/1cae5666-e36f-4e7f-9bf3-3cee7f3951de.mp4" width="800px" height="600px"></embed>

Applying Microsoft SDL Verification Practices within Windows Azure

Applying Microsoft SDL Verification Practices within Windows Azure

In this video, Aviram Jenik, CEO, Beyond Security, talks about applying Microsoft SDL to applications built on top of Windows Azure applications, focu...             Read more

In this video, Aviram Jenik, CEO, Beyond Security, talks about applying Microsoft SDL to applications built on top of Windows Azure applications, focusing on the Verification phase of the Microsoft Security Development Lifecycle. Aviram explains how “black box” testing concept is increasingly relevant in the world of cloud-based applications, mentions classic user input attacks such as SQL injection and Cross Site Scripting (XSS), and enumerates different inputs that should be focused on with Windows Azure-based applications.

Run Time:18:43

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/1cae5666-e36f-4e7f-9bf3-3cee7f3951de.mp4" width="800px" height="600px"></embed>

12/14/2010
00:12:32

Microsoft SDL Requirements Phase: Security Practices

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about the security practices of the “Requir...       Read more

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about the security practices of the “Requirements” phase of the Microsoft SDL. Chris and Robert explain the benefits of following the Microsoft SDL to building more secure, reliable, and standard-compliant software.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL http://go.microsoft.com/?linkid=9708425 Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl Security Talk Series webcasts www.microsoft.com/events/series/securitytalk

Run Time:12:32

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/3d2324be-efe4-4e27-a5de-e29bbddb9c52.mp4" width="800px" height="600px"></embed>

Microsoft SDL Requirements Phase: Security Practices

Microsoft SDL Requirements Phase: Security Practices

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about the security practices of the “Requir...       Read more

In this video, Chris Weber, Managing Partner and Robert Mooney, Senior Software Development, Casaba, speak about the security practices of the “Requirements” phase of the Microsoft SDL. Chris and Robert explain the benefits of following the Microsoft SDL to building more secure, reliable, and standard-compliant software.Related resources:Whitepaper: The Simplified Implementation of the Microsoft SDL http://go.microsoft.com/?linkid=9708425 Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl Security Talk Series webcasts www.microsoft.com/events/series/securitytalk

Run Time:12:32

Uploaded:12/14/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/3d2324be-efe4-4e27-a5de-e29bbddb9c52.mp4" width="800px" height="600px"></embed>

12/14/2010
00:29:12

Applying Microsoft SDL Design Practices within Windows Azure 

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about mapping concepts from the "Design" phase of the ...                Read more

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about mapping concepts from the "Design" phase of the Microsoft SDL to software targeting Windows Azure platform. Joe highlights what changes and what does not change for the application design when application is moving to the cloud, and then digs deeper into those areas, including impact the Azure VM model brings to the application trust, designing for secure storage, and claims-based authorization. Joe then focuses on discussion of the cryptography, explaining the pitfalls of rolling your own and suggest designs for securing key infrastructure.

Run Time:29:12

Uploaded:12/09/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/a4b1d469-0b0e-444e-b42b-fe8ecaf9069f.mp4" width="800px" height="600px"></embed>

Applying Microsoft SDL Design Practices within Windows Azure

Applying Microsoft SDL Design Practices within Windows Azure 

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about mapping concepts from the "Design" phase of the ...                Read more

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about mapping concepts from the "Design" phase of the Microsoft SDL to software targeting Windows Azure platform. Joe highlights what changes and what does not change for the application design when application is moving to the cloud, and then digs deeper into those areas, including impact the Azure VM model brings to the application trust, designing for secure storage, and claims-based authorization. Joe then focuses on discussion of the cryptography, explaining the pitfalls of rolling your own and suggest designs for securing key infrastructure.

Run Time:29:12

Uploaded:12/09/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/a4b1d469-0b0e-444e-b42b-fe8ecaf9069f.mp4" width="800px" height="600px"></embed>

12/09/2010
00:50:26

Microsoft SDL Design Phase: Security Practices  

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains ho...       Read more

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains how designing secure systems sometimes requires thinking “backwards” - instead of focusing on features of what the system should do, one should think of what the system should NOT do. Taking this as a departing point, Joe dives into a discussion of foundational design principles of building secure software, including least privilege, compartmentalization, input validation, auditing and logging, cryptography and avoiding the “Not Invented Here” trap.

Run Time:50:26

Uploaded:12/09/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/48a87adf-5a43-4a9b-97e5-e769892fbf80.mp4" width="800px" height="600px"></embed>

Microsoft SDL Design Phase: Security Practices

Microsoft SDL Design Phase: Security Practices  

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains ho...       Read more

In this video, Joe Basirico, Director of Security Services, Security Innovation, speaks about the “Design” phase of the Microsoft SDL. Joe explains how designing secure systems sometimes requires thinking “backwards” - instead of focusing on features of what the system should do, one should think of what the system should NOT do. Taking this as a departing point, Joe dives into a discussion of foundational design principles of building secure software, including least privilege, compartmentalization, input validation, auditing and logging, cryptography and avoiding the “Not Invented Here” trap.

Run Time:50:26

Uploaded:12/09/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/48a87adf-5a43-4a9b-97e5-e769892fbf80.mp4" width="800px" height="600px"></embed>

12/09/2010
00:10:58

Anti-Cross Site Scripting (XSS) Library

Watch this short video to learn about Anti-XSS library. It's one of many tools available in the Microsoft SDL Toolset that can help you automate and i... Read more

Watch this short video to learn about Anti-XSS library. It's one of many tools available in the Microsoft SDL Toolset that can help you automate and implement the Microsoft SDL Process Guidance.

Run Time:10:58

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/93563e6b-d03e-411a-8d99-aa7a435fc3f9.mp4" width="800px" height="600px"></embed>

Anti-Cross Site Scripting (XSS) Library

Anti-Cross Site Scripting (XSS) Library

Watch this short video to learn about Anti-XSS library. It's one of many tools available in the Microsoft SDL Toolset that can help you automate and i... Read more

Watch this short video to learn about Anti-XSS library. It's one of many tools available in the Microsoft SDL Toolset that can help you automate and implement the Microsoft SDL Process Guidance.

Run Time:10:58

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/93563e6b-d03e-411a-8d99-aa7a435fc3f9.mp4" width="800px" height="600px"></embed>

12/07/2010
00:04:16

Banned.h Header File

Watch this short video to learn more about the Banned.h header file. Banned.h header file is one of the many free resources in the Microsoft SDL Tools... Read more

Watch this short video to learn more about the Banned.h header file. Banned.h header file is one of the many free resources in the Microsoft SDL Toolset. The banned.h header file is a sanitizing resource, which supports the Microsoft SDL requirement to remove banned functions from code. It lists all banned APIs and allows any developer to locate them in code.

Run Time:04:16

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/978041da-45b5-451c-a590-6674b879c787.mp4" width="800px" height="600px"></embed>

Banned.h Header File

Banned.h Header File

Watch this short video to learn more about the Banned.h header file. Banned.h header file is one of the many free resources in the Microsoft SDL Tools... Read more

Watch this short video to learn more about the Banned.h header file. Banned.h header file is one of the many free resources in the Microsoft SDL Toolset. The banned.h header file is a sanitizing resource, which supports the Microsoft SDL requirement to remove banned functions from code. It lists all banned APIs and allows any developer to locate them in code.

Run Time:04:16

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/978041da-45b5-451c-a590-6674b879c787.mp4" width="800px" height="600px"></embed>

12/07/2010
00:09:54

Code Analysis for C/C++

Watch this short video to learn more about Code Analysis for C++. The C/C++ Code Analysis tool is a static analyzer that is provided with the installa...  Read more

Watch this short video to learn more about Code Analysis for C++. The C/C++ Code Analysis tool is a static analyzer that is provided with the installation of Visual Studio Team System or Visual Studio Team Suite, that provides information to developers about possible vulnerabilities in their C/C++ source code. Common coding errors reported by the tool include buffer overruns, un-initialized memory, null pointer dereferences, and memory and resource leaks.

Run Time:09:54

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/e66547b2-5a25-4792-9e5a-35c6f3366ba2.mp4" width="800px" height="600px"></embed>

Code Analysis for C/C++

Code Analysis for C/C++

Watch this short video to learn more about Code Analysis for C++. The C/C++ Code Analysis tool is a static analyzer that is provided with the installa...  Read more

Watch this short video to learn more about Code Analysis for C++. The C/C++ Code Analysis tool is a static analyzer that is provided with the installation of Visual Studio Team System or Visual Studio Team Suite, that provides information to developers about possible vulnerabilities in their C/C++ source code. Common coding errors reported by the tool include buffer overruns, un-initialized memory, null pointer dereferences, and memory and resource leaks.

Run Time:09:54

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/e66547b2-5a25-4792-9e5a-35c6f3366ba2.mp4" width="800px" height="600px"></embed>

12/07/2010
00:05:37

FxCop

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof... Read more

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsoft SDL Toolset. BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, up-to-date build tools are in place, and the latest good ATL headers are being used. BinScope also reports on dangerous constructs that are prohibited by SDL.

Run Time:05:37

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/71702652-adcd-4b06-8b2b-0fe1e0d93645.mp4" width="800px" height="600px"></embed>

FxCop

FxCop

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof... Read more

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsoft SDL Toolset. BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, up-to-date build tools are in place, and the latest good ATL headers are being used. BinScope also reports on dangerous constructs that are prohibited by SDL.

Run Time:05:37

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/71702652-adcd-4b06-8b2b-0fe1e0d93645.mp4" width="800px" height="600px"></embed>

12/07/2010
00:06:30

MSF-Agile + SDL Process Template

Watch this short video to learn more about the MSF-Agile+SDL Process Template. The MSF-Agile+SDL Template is one of many templates and tools available... Read more

Watch this short video to learn more about the MSF-Agile+SDL Process Template. The MSF-Agile+SDL Template is one of many templates and tools available to help you implement the Microsoft SDL. MSF-Agile+SDL Process Template is a Team Foundation Server downloadable template that automatically incorporates the policy, process and tools associated with the SDL for Agile development guidance into the familiar Microsoft Solutions Framework (MSF) for Agile software development (MSF-Agile) process template that ships with Visual Studio Team System.

Run Time:06:30

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/de0fb4da-39a6-434e-8321-4f79b867717a.mp4" width="800px" height="600px"></embed>

MSF-Agile + SDL Process Template

MSF-Agile + SDL Process Template

Watch this short video to learn more about the MSF-Agile+SDL Process Template. The MSF-Agile+SDL Template is one of many templates and tools available... Read more

Watch this short video to learn more about the MSF-Agile+SDL Process Template. The MSF-Agile+SDL Template is one of many templates and tools available to help you implement the Microsoft SDL. MSF-Agile+SDL Process Template is a Team Foundation Server downloadable template that automatically incorporates the policy, process and tools associated with the SDL for Agile development guidance into the familiar Microsoft Solutions Framework (MSF) for Agile software development (MSF-Agile) process template that ships with Visual Studio Team System.

Run Time:06:30

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/de0fb4da-39a6-434e-8321-4f79b867717a.mp4" width="800px" height="600px"></embed>

12/07/2010
00:07:28

SDL Process Template 

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof...  Read more

Watch this short video to learn more about the SDL Process Template. The SDL Process Template is one of many free templates and tools available in the Microsoft SDL Toolset. The SDL Process teamplate is a downloadable template that leverages the technology of Visual Studio Team System (VSTS) and Team Foundation Server (TFS) to automatically integrate the policy, process and tools associated with the Security Development Lifecycle version into your software development environment.

Run Time:07:28

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/9a266d70-0b69-4e84-8960-ec55ac36a954.mp4" width="800px" height="600px"></embed>

SDL Process Template

SDL Process Template 

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof...  Read more

Watch this short video to learn more about the SDL Process Template. The SDL Process Template is one of many free templates and tools available in the Microsoft SDL Toolset. The SDL Process teamplate is a downloadable template that leverages the technology of Visual Studio Team System (VSTS) and Team Foundation Server (TFS) to automatically integrate the policy, process and tools associated with the Security Development Lifecycle version into your software development environment.

Run Time:07:28

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/9a266d70-0b69-4e84-8960-ec55ac36a954.mp4" width="800px" height="600px"></embed>

12/07/2010
00:10:33

SDL Threat Modeling Tool

Watch this short video to learn more about the SDL Threat Modeling tool. The SDL Threat Modeling Tool is one of many free tools made available as part...  Read more

Watch this short video to learn more about the SDL Threat Modeling tool. The SDL Threat Modeling Tool is one of many free tools made available as part of the SDL Toolset. The SDL Threat Modeling Tool is the first threat modeling tool which isn't designed for security experts. It makes threat modeling easier for all developers by providing guidance on creating and analyzing threat models.

Run Time:10:33

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/12091545-a1a4-4514-9081-d5b48f675769.mp4" width="800px" height="600px"></embed>

SDL Threat Modeling Tool

SDL Threat Modeling Tool

Watch this short video to learn more about the SDL Threat Modeling tool. The SDL Threat Modeling Tool is one of many free tools made available as part...  Read more

Watch this short video to learn more about the SDL Threat Modeling tool. The SDL Threat Modeling Tool is one of many free tools made available as part of the SDL Toolset. The SDL Threat Modeling Tool is the first threat modeling tool which isn't designed for security experts. It makes threat modeling easier for all developers by providing guidance on creating and analyzing threat models.

Run Time:10:33

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/12091545-a1a4-4514-9081-d5b48f675769.mp4" width="800px" height="600px"></embed>

12/07/2010
00:05:16

SiteLock ATL (Active Library Template)

Watch this short video to learn more about the SiteLock ATL (Active Library Template). SiteLock ATL is one of the many free templates and tools that a... Read more

Watch this short video to learn more about the SiteLock ATL (Active Library Template). SiteLock ATL is one of the many free templates and tools that are available as part of the Microsoft SDL Toolset. The SiteLock ATL template enables an ActiveX developer to restrict access so that a control is only deemed safe when used in a predetermined list of domains. This limits the ability of Web page authors to reuse the control for malicious purposes.

Run Time:05:16

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/ae854400-f2ab-4d46-888c-5127fc816c21.mp4" width="800px" height="600px"></embed>

SiteLock ATL (Active Library Template)

SiteLock ATL (Active Library Template)

Watch this short video to learn more about the SiteLock ATL (Active Library Template). SiteLock ATL is one of the many free templates and tools that a... Read more

Watch this short video to learn more about the SiteLock ATL (Active Library Template). SiteLock ATL is one of the many free templates and tools that are available as part of the Microsoft SDL Toolset. The SiteLock ATL template enables an ActiveX developer to restrict access so that a control is only deemed safe when used in a predetermined list of domains. This limits the ability of Web page authors to reuse the control for malicious purposes.

Run Time:05:16

Uploaded:12/07/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/ae854400-f2ab-4d46-888c-5127fc816c21.mp4" width="800px" height="600px"></embed>

12/07/2010
00:06:14

BinScope Binary Analyzer

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof... Read more

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsoft SDL Toolset. BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, up-to-date build tools are in place, and the latest good ATL headers are being used. BinScope also reports on dangerous constructs that are prohibited by SDL.

Run Time:06:14

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/28ec6268-6572-46d9-ba1c-41ab3e040818.mp4" width="800px" height="600px"></embed>

BinScope Binary Analyzer

BinScope Binary Analyzer

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsof... Read more

Watch this short video to learn more about the BinScope Binary Analyzer tool. BinScope is one of the many free tools available as part of the Microsoft SDL Toolset. BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, up-to-date build tools are in place, and the latest good ATL headers are being used. BinScope also reports on dangerous constructs that are prohibited by SDL.

Run Time:06:14

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/28ec6268-6572-46d9-ba1c-41ab3e040818.mp4" width="800px" height="600px"></embed>

12/06/2010
00:04:59

CAT.NET

Watch this short video on CAT.NET. CAT.NET tool is one of the many free tools that are available as part of the Microsoft SDL Toolset. It's available ...Read more

Watch this short video on CAT.NET. CAT.NET tool is one of the many free tools that are available as part of the Microsoft SDL Toolset. It's available in both 32-bit and 64-bit versions. CAT.NET is a command line tool that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies. CAT.NET also helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection, and XPath Injection.

Run Time:04:59

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/a2e325a7-d31e-4f52-b293-b60dcbcd3790.mp4" width="800px" height="600px"></embed>

CAT.NET

CAT.NET

Watch this short video on CAT.NET. CAT.NET tool is one of the many free tools that are available as part of the Microsoft SDL Toolset. It's available ...Read more

Watch this short video on CAT.NET. CAT.NET tool is one of the many free tools that are available as part of the Microsoft SDL Toolset. It's available in both 32-bit and 64-bit versions. CAT.NET is a command line tool that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies. CAT.NET also helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection, and XPath Injection.

Run Time:04:59

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/a2e325a7-d31e-4f52-b293-b60dcbcd3790.mp4" width="800px" height="600px"></embed>

12/06/2010
00:06:23

MiniFuzz File Fuzzer

Watch this short video on MiniFuzz File Fuzzer. MiniFuzz is one of the many free tools that are available as part of the Microsoft SDL Toolset. MiniFu...Read more

Watch this short video on MiniFuzz File Fuzzer. MiniFuzz is one of the many free tools that are available as part of the Microsoft SDL Toolset. MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected and potentially insecure application behaviors.

Run Time:06:23

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dbcab1b4-0bbc-430f-8494-15cb2d59b6ac.mp4" width="800px" height="600px"></embed>

MiniFuzz File Fuzzer

MiniFuzz File Fuzzer

Watch this short video on MiniFuzz File Fuzzer. MiniFuzz is one of the many free tools that are available as part of the Microsoft SDL Toolset. MiniFu...Read more

Watch this short video on MiniFuzz File Fuzzer. MiniFuzz is one of the many free tools that are available as part of the Microsoft SDL Toolset. MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected and potentially insecure application behaviors.

Run Time:06:23

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dbcab1b4-0bbc-430f-8494-15cb2d59b6ac.mp4" width="800px" height="600px"></embed>

12/06/2010
00:06:40

SDL Regex Fuzzer

Watch this short video to learn more about SDL Regex Fuzzer. SDL Regex Fuzzer is one of the many free tools in the Microsoft SDL Toolset. Regex Fuzzer... Read more

Watch this short video to learn more about SDL Regex Fuzzer. SDL Regex Fuzzer is one of the many free tools in the Microsoft SDL Toolset. Regex Fuzzer can help test regular expressions for these potential vulnerabilities. Regular expression patterns containing certain clauses that execute in exponential time (for example, grouping clauses containing repetition that are themselves repeated) can be exploited by attackers to cause a denial-of-service (DoS) condition.

Run Time:37:25

Uploaded:10/14/2013

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/9117537e-87e8-44aa-a46e-707d77c38e4d.mp4" width="800px" height="600px"></embed>

SDL Regex Fuzzer

SDL Regex Fuzzer

Watch this short video to learn more about SDL Regex Fuzzer. SDL Regex Fuzzer is one of the many free tools in the Microsoft SDL Toolset. Regex Fuzzer... Read more

Watch this short video to learn more about SDL Regex Fuzzer. SDL Regex Fuzzer is one of the many free tools in the Microsoft SDL Toolset. Regex Fuzzer can help test regular expressions for these potential vulnerabilities. Regular expression patterns containing certain clauses that execute in exponential time (for example, grouping clauses containing repetition that are themselves repeated) can be exploited by attackers to cause a denial-of-service (DoS) condition.

Run Time:37:25

Uploaded:10/14/2013

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/9117537e-87e8-44aa-a46e-707d77c38e4d.mp4" width="800px" height="600px"></embed>

12/06/2010
00:02:41

SDL Tools Overview

Watch this short video on the Microsoft SDL Toolset overview. Doug Cavit, from the Microsoft SDL engineering team, explains why IT executives and mana... Read more

Watch this short video on the Microsoft SDL Toolset overview. Doug Cavit, from the Microsoft SDL engineering team, explains why IT executives and managers should encourage their development teams to download the SDL Implementation guidance and SDL tools to see how they can implement a software security assurance process such as the Microsoft SDL. The Microsoft SDL toolset is meant to work together to help a company implement all the phases of the Microsoft SDL from requirements to software release. The Microsoft SDL toolset and process guidance are both FREE to download by our customers from the Microsoft SDL website. All the tools in the Microsoft SDL toolset are meant to work together, so that companies can write secure software easier.

Run Time:02:41

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/998c2518-1a9a-4ea6-961c-89de2ac2ade6.mp4" width="800px" height="600px"></embed>

SDL Tools Overview

SDL Tools Overview

Watch this short video on the Microsoft SDL Toolset overview. Doug Cavit, from the Microsoft SDL engineering team, explains why IT executives and mana... Read more

Watch this short video on the Microsoft SDL Toolset overview. Doug Cavit, from the Microsoft SDL engineering team, explains why IT executives and managers should encourage their development teams to download the SDL Implementation guidance and SDL tools to see how they can implement a software security assurance process such as the Microsoft SDL. The Microsoft SDL toolset is meant to work together to help a company implement all the phases of the Microsoft SDL from requirements to software release. The Microsoft SDL toolset and process guidance are both FREE to download by our customers from the Microsoft SDL website. All the tools in the Microsoft SDL toolset are meant to work together, so that companies can write secure software easier.

Run Time:02:41

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/998c2518-1a9a-4ea6-961c-89de2ac2ade6.mp4" width="800px" height="600px"></embed>

12/06/2010
00:24:29

Simplified Implementation of the Microsoft SDL

This video helps to illustrate the core concepts of the Microsoft Security Development Lifecycle (SDL) and discusses the individual security activitie... Read more

This video helps to illustrate the core concepts of the Microsoft Security Development Lifecycle (SDL) and discusses the individual security activities that should be performed in order to claim compliance with the SDL process.

Run Time:24:29

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dc708182-20e8-4658-8944-4b47d56c8503.mp4" width="800px" height="600px"></embed>

Simplified Implementation of the Microsoft SDL

Simplified Implementation of the Microsoft SDL

This video helps to illustrate the core concepts of the Microsoft Security Development Lifecycle (SDL) and discusses the individual security activitie... Read more

This video helps to illustrate the core concepts of the Microsoft Security Development Lifecycle (SDL) and discusses the individual security activities that should be performed in order to claim compliance with the SDL process.

Run Time:24:29

Uploaded:12/06/2010

Share it:

Embed:Get Code...

<embed src="http://content3.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dc708182-20e8-4658-8944-4b47d56c8503.mp4" width="800px" height="600px"></embed>

12/06/2010
00:06:15

Security Development Lifecycle for Agile | TechNet Edge

Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are s... Read more

Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are still developed in a secure manner. Many development organizations use Agile software development methodologies to build their applications, yet Agile – just like every other development methodology – does not inherently produce secure deliverables. Secure development practices need to be “baked-in” throughout every iteration or sprint. The Security Development Lifecycle for Agile (SDL-Agile) process defines a set of activities that development teams can follow to reduce security vulnerabilities. SDL-Agile also specifies the conditions and frequencies with which these activities should be performed, in order to optimize the security of the delivered product and to ensure that teams have the time and freedom to innovate and create new features. You can find additional information on SDL-Agile here: http://msdn.microsoft.com/en-us/library/ee790621.aspx

Run Time:06:15

Uploaded:12/09/2009

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET/7772aef0-e6a6-4b9b-acf7-119d712393ea.wmv" width="800px" height="600px"></embed>                               

Security Development Lifecycle for Agile | TechNet Edge

Security Development Lifecycle for Agile | TechNet Edge

Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are s... Read more

Bryan Sullivan, Senior Security Program Manager for Microsoft, illustrates how teams can ensure applications developed with rapid release cycles are still developed in a secure manner. Many development organizations use Agile software development methodologies to build their applications, yet Agile – just like every other development methodology – does not inherently produce secure deliverables. Secure development practices need to be “baked-in” throughout every iteration or sprint. The Security Development Lifecycle for Agile (SDL-Agile) process defines a set of activities that development teams can follow to reduce security vulnerabilities. SDL-Agile also specifies the conditions and frequencies with which these activities should be performed, in order to optimize the security of the delivered product and to ensure that teams have the time and freedom to innovate and create new features. You can find additional information on SDL-Agile here: http://msdn.microsoft.com/en-us/library/ee790621.aspx

Run Time:06:15

Uploaded:12/09/2009

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET/7772aef0-e6a6-4b9b-acf7-119d712393ea.wmv" width="800px" height="600px"></embed>                               

12/09/2009
00:07:24

Client and Cloud Security | TechNet Edge

Steve Lipner, Senior Director of Security Engineering Strategy for Microsoft's Trustworthy Computing group talks about client and cloud secuirty.... Read more

Steve Lipner, Senior Director of Security Engineering Strategy for Microsoft's Trustworthy Computing group talks about client and cloud secuirty.

Run Time:07:24

Uploaded:12/08/2009

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET/eec9e79b-0232-475d-a3fc-838b8dd7cd87.wmv" width="800px" height="600px"></embed>

Client and Cloud Security | TechNet Edge

Client and Cloud Security | TechNet Edge

Steve Lipner, Senior Director of Security Engineering Strategy for Microsoft's Trustworthy Computing group talks about client and cloud secuirty.... Read more

Steve Lipner, Senior Director of Security Engineering Strategy for Microsoft's Trustworthy Computing group talks about client and cloud secuirty.

Run Time:07:24

Uploaded:12/08/2009

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET/eec9e79b-0232-475d-a3fc-838b8dd7cd87.wmv" width="800px" height="600px"></embed>

12/08/2009
00:08:49

BinScope Overview and Demo | TechNet Edge

This brief video gives a brief overview of the BinScope Binary Analyzer and then walks through how to configure and use BinScope to analyze an applica...  Read more

This brief video gives a brief overview of the BinScope Binary Analyzer and then walks through how to configure and use BinScope to analyze an application within Visual Studio. The walkthrough demonstrates integration with TFS and the SDL Process Template, showing easy creation of work items from detected problems. Download BinScope here and begin leveraging the verification capabilities of BinScope immediately. Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

Run Time:08:49

Uploaded:09/16/2009

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/28ec6268-6572-46d9-ba1c-41ab3e040818.mp4" width="800px" height="600px"></embed>

BinScope Overview and Demo | TechNet Edge

BinScope Overview and Demo | TechNet Edge

This brief video gives a brief overview of the BinScope Binary Analyzer and then walks through how to configure and use BinScope to analyze an applica...  Read more

This brief video gives a brief overview of the BinScope Binary Analyzer and then walks through how to configure and use BinScope to analyze an application within Visual Studio. The walkthrough demonstrates integration with TFS and the SDL Process Template, showing easy creation of work items from detected problems. Download BinScope here and begin leveraging the verification capabilities of BinScope immediately. Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

Run Time:08:49

Uploaded:09/16/2009

Share it:

Embed:Get Code...

<embed src="http://content1.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/28ec6268-6572-46d9-ba1c-41ab3e040818.mp4" width="800px" height="600px"></embed>

09/16/2009
00:07:39

MiniFuzz Overview and Demo | TechNet Edge

This brief video gives a brief overview of the MiniFuzz File Fuzzer and then walks through how to configure and use MiniFuzz to perform fuzz testing o...  Read more

This brief video gives a brief overview of the MiniFuzz File Fuzzer and then walks through how to configure and use MiniFuzz to perform fuzz testing on an application. The walkthrough launches MiniFuzz as an add-on to Visual Studio and demonstrates integration with TFS, showing automatic creation of work items from detected crashes. Download MiniFuzz here to get started with this easy to use file fuzzing tool. Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

Run Time:07:39

Uploaded:09/16/2009

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dbcab1b4-0bbc-430f-8494-15cb2d59b6ac.mp4" width="800px" height="600px"></embed>

MiniFuzz Overview and Demo | TechNet Edge

MiniFuzz Overview and Demo | TechNet Edge

This brief video gives a brief overview of the MiniFuzz File Fuzzer and then walks through how to configure and use MiniFuzz to perform fuzz testing o...  Read more

This brief video gives a brief overview of the MiniFuzz File Fuzzer and then walks through how to configure and use MiniFuzz to perform fuzz testing on an application. The walkthrough launches MiniFuzz as an add-on to Visual Studio and demonstrates integration with TFS, showing automatic creation of work items from detected crashes. Download MiniFuzz here to get started with this easy to use file fuzzing tool. Learn more about the Microsoft Security Development Lifecycle (SDL) and tools Microsoft has published at the SDL Tool Repository site.

Run Time:07:39

Uploaded:09/16/2009

Share it:

Embed:Get Code...

<embed src="http://content4.catalog.video.msn.com/e2/ds/alt-en-us/ALTENUS_TECHNET/ALTENUS_TECHNET_EDGE/dbcab1b4-0bbc-430f-8494-15cb2d59b6ac.mp4" width="800px" height="600px"></embed>

09/16/2009

Related Video

00:37:25

October 2013 Security Bulletin Webcast | TechNet Video

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jona... Read more

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast October 9th. Hosts Dustin Childs and Jonatha...

Run Time:37:25

Uploaded:10/14/2013

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/33981985-e71a-4691-b9e1-e06e4b2a7442.mp4" width="800px" height="600px"></embed>

October 2013 Security Bulletin Webcast | TechNet Video

October 2013 Security Bulletin Webcast | TechNet Video

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jona... Read more

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast October 9th. Hosts Dustin Childs and Jonatha...

Run Time:37:25

Uploaded:10/14/2013

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/33981985-e71a-4691-b9e1-e06e4b2a7442.mp4" width="800px" height="600px"></embed>

10/14/2013
00:02:33

Update Tuesday Overview: October 2013 | TechNet Video

Get a high-level overview of this month's eight Microsoft security bulletins. Dustin Childs from Microsoft Trustworthy Computing takes you through the... Read more

Get a high-level overview of this month's eight Microsoft security bulletins. Dustin Childs from Microsoft Trustworthy Computing takes you through the updates.

Run Time:02:33

Uploaded:10/08/2013

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/698708bd-c700-43d9-a8a7-1155d6fd493f.mp4" width="800px" height="600px"></embed>

Update Tuesday Overview: October 2013 | TechNet Video

Update Tuesday Overview: October 2013 | TechNet Video

Get a high-level overview of this month's eight Microsoft security bulletins. Dustin Childs from Microsoft Trustworthy Computing takes you through the... Read more

Get a high-level overview of this month's eight Microsoft security bulletins. Dustin Childs from Microsoft Trustworthy Computing takes you through the updates.

Run Time:02:33

Uploaded:10/08/2013

Share it:

Embed:Get Code...

<embed src="http://content5.catalog.video.msn.com/e2/ds/698708bd-c700-43d9-a8a7-1155d6fd493f.mp4" width="800px" height="600px"></embed>

10/08/2013
00:34:59

September 2013 Security Bulletin Webcast | TechNet Video

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jona... Read more

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jonathan Ness provide details that should prove helpful for deployment of these important updates.

Run Time:34:59

Uploaded:09/13/2013

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/33981985-e71a-4691-b9e1-e06e4b2a7442.mp4" width="800px" height="600px"></embed>

September 2013 Security Bulletin Webcast | TechNet Video

September 2013 Security Bulletin Webcast | TechNet Video

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jona... Read more

Take a closer look at this month's Microsoft Security Bulletins in this video taped from a live broadcast September 11th. Hosts Dustin Childs and Jonathan Ness provide details that should prove helpful for deployment of these important updates.

Run Time:34:59

Uploaded:09/13/2013

Share it:

Embed:Get Code...

<embed src="http://content2.catalog.video.msn.com/e2/ds/33981985-e71a-4691-b9e1-e06e4b2a7442.mp4" width="800px" height="600px"></embed>

09/13/2013