Microsoft Quick Security References for Cross-Site Scripting and SQL Injection

February 20, 2010

After a bit of inbox spring cleaning I found this in an RSS feed: two papers on how to approach discovering that you have a Cross-Site Scripting or SQL Injection issue on one of your systems. Both papers are published by the Microsoft Security Development Lifecycle (SDL) team, but a host of industry names have contributed to the material, giving it a very well rounded approach. Nice work team!

Both papers are well worth the read if you’re an incident responder, and why not pass them on to your favourite developers and on up to the CIO. I may even flash these past our Grumpy Old MS DBA™, despite incurring his displeasure at misuse of his beloved SQL.

Original blog post:

http://blogs.msdn.com/sdl/archive/2010/01/18/how-to-open-a-parachute-during-free-fall-introducing-quick-security-references-qsrs.aspx

The two word documents are here for download:

http://www.microsoft.com/downloads/details.aspx?FamilyID=79042476-951f-48d0-8ebb-89f26cf8979d&displaylang=en#filelist
