Microsoft Quick Security References for Cross-Site Scripting and SQL Injection

After a bit of inbox spring cleaning I found this in an RSS feed on how to approach a discovering you have a Cross-Site Scripting and SQL Injection issue on one of your systems. Both papers are published from Microsoft Security Development Lifecycle (SDL) team, but have a host of industry names that have contributed to the material to give it a very well rounded approach. Nice work team!

Both papers are well worth the read if you’re an incident responder and why no pass on to your favourite developers through to the CIO. I may even flash these passed our Grumpy old MS DBATM , despite incurring his displeasure at misuse of his beloved SQL.

Original blog post:

http://blogs.msdn.com/sdl/archive/2010/01/18/how-to-open-a-parachute-during-free-fall-introducing-quick-security-references-qsrs.aspx

The two word documents are here for download:

http://www.microsoft.com/downloads/details.aspx?FamilyID=79042476-951f-48d0-8ebb-89f26cf8979d&displaylang=en#filelist

Reply now | Feed

Leave a Reply


XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Wp Logo Theme: Guangzhou
Home