November2008November 2008

Security Quiz: Test Your Security IQ

Our security experts present 10 vulnerable pieces of code. Your mission is to find the holes (a.k.a. bad security practices) in the code. Michael Howard and Bryan Sullivan

Agile SDL: Streamline Security Practices For Agile Development

Bryan Sullivan discusses the new SDL for Web applications and Agile projects with more compressed release cycles. Bryan Sullivan

Access Control: Understanding Windows File And Registry Permissions

Understanding the ACLs that govern permissions and rights before an operation is allowed to proceed is critical to enhancing security. John R. Michener

Utility Spotlight: 12 Steps To Faster Web Pages With Visual Round Trip Analyzer

Download Visual Round-trip Analyzer (VRTA) to uncover the root of your Web page loading problems and identify these 12 common ailments. Jim Pierson

RIA: Light Up SharePoint With Silverlight 2 Web Parts

Find out how to integrate SharePoint and Silverlight by creating a Silverlight media player and deploying it as a SharePoint Web Part. Steve Fox and Paul Stubbs

Code Download (52308 KB)
.Chm Files


Editor's Note: Can I See Some Identification?

Security measures are highly context driven and change with circumstances. This month Howard Dierking spins a few security yarns to illustrate.Howard Dierking

Toolbox: Online Scheduling, Jeff Smith’s SQL Blog, Easy Regular Expressions, And More

This month Scott looks at improving development skills, writing regular expressions, a web scheduling control and a SQL tips blog.Scott Mitchell

CLR Inside Out: International Applications

The CLR team takes a look inside the System.Globalization namespace to explain how to handle data formats for proper localization and globalization.Melitta Andersen

Data Points: Cloud Gazing From Silverlight 2

John Papa tackles questions about calling services from Silverlight 2 applications.John Papa

Cutting Edge: Browser Interoperability In Silverlight 2

This month Dino Esposito explains how the browser interoperability layer in Silverlight addresses a number of your Silverlight / Web page interaction needs.Dino Esposito

Security Briefs: Threat Models Improve Your Security Process

Using threat models to drive your security engineering process helps prioritize the code review, fuzz testing, and attack surface analysis tasks.Michael Howard

Test Run: Group Determination In Software Testing

There is a large body of research on group techniques to determine the best alternative from a set of options. Dr. James McCaffrey outlines five of them.Dr. James McCaffrey

Wicked Code: Silverlight 2 Transforms And Clipping Regions

Silverlight is powerful enough to let you easily build an image magnification feature for you web site with very little code, most of which is XAML. Find out how.Jeff Prosise

Foundations: Unit Testing Workflows And Activities

Matt Milner takes a look at some of the challenges and techniques related to testing Windows Workflow Foundation activities, workflows, and associated components.Matt Milner

Team System: Team Build 2008

Brian Randell introduces you to Visual Studio 2008 Team Foundation Server Build (Team Build). Then he creates and runs a team build.Brian A. Randell

{ End Bracket }: Engineers Who Write

Writing is good exercise for developers and software engineers. Richard Ward explains how writing can help you focus your thoughts and communicate more precisely.Richard Ward