Not
Bu sayfaya erişim yetkilendirme gerektiriyor. Oturum açmayı veya dizinleri değiştirmeyi deneyebilirsiniz.
Bu sayfaya erişim yetkilendirme gerektiriyor. Dizinleri değiştirmeyi deneyebilirsiniz.
The Secrets Of High Performance Consulting From ACE Performance Engineer
Alik here. Being member of a global team I was wondering recently about few questions: How...
Author: ACE Team Date: 12/01/2008
Vulnerabilities in Web Applications due to improper use of Crypto – Part 2
Continuing with my last post on vulnerabilities in web applications due improper use of crypto, lets...
Author: ACE Team Date: 11/29/2008
Vulnerabilities in Web Applications due to improper use of Crypto – Part 1
Cryptography is used often in web applications. Web sites that use cookie based authentication...
Author: ACE Team Date: 11/13/2008
Disk Partition Alignment (Sector Alignment): Part I: Slide Deck
Disk partition alignment is a best practice. Now that SQL Server wait stats are formally documented...
Author: ACE Team Date: 11/04/2008
IE7 vs. IE8 in VSTS 2008 SP1 Load test
As we all know, IE8 is coming out soon (Beta 2 is already released) and one of the major performance...
Author: ACE Team Date: 10/09/2008
How to simulate IE Caching in VSTS 2008
Sometimes it’s beneficial to run load test simulating IE cache. For example, if application is used...
Author: ACE Team Date: 09/26/2008
Improving Smart Client Performance using IIS 6 Native Compression
In .NET 2.0 the property .EnableDecompression was added which will allow you to use IIS 6 Native...
Author: ACE Team Date: 09/22/2008
ASP.NET Performance: High CPU Utilization Case Studies And Solutions
This post shares case studies of high CPU utilization of ASP.NET web sites. High CPU utilization was...
Author: ACE Team Date: 08/11/2008
Meter This: Practical Application Of Power Drain Attack
Last week while feeding my caffeine addiction I came across an article in the New York Times titled...
Author: ACE Team Date: 08/04/2008
Security Code Review – String Search Patterns For Finding Vulnerabilities In ASP.NET Web Application
"The hardest thing of all is to find a black cat in a dark room, especially if there is no...
Author: ACE Team Date: 07/24/2008
Application Security Development Lifecycle 5A: Is Threat Modeling Right For You?
Several enterprises are increasingly investing time and money in building application security tasks...
Author: ACE Team Date: 06/14/2008
Application Security Development Lifecycle 4: Finding the right security talent
After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my...
Author: ACE Team Date: 06/02/2008
How Microsoft IT does Secure Application Development: Webcast
Technorati Tags: Conference,SDLC,SDL,IT,ISV I will be discussing Microsoft IT's approach to secure...
Author: ACE Team Date: 05/27/2008
Using Threat Models Beyond the Design Stage
Threat Modeling is no longer the obscure magic is used to be. With the creation of tools like the...
Author: TheRockyH Date: 05/22/2008
Security priorities are changing for Canadian organizations
This is a link to an article I recently published through InterGovWorld.com in Canada....
Author: ACE Team Date: 05/19/2008
Increase the TCO, kill the project: An ad-hoc analogy
The other day I was subject to the assertion that the only asset an IT security organizations should...
Author: ACE Team Date: 05/15/2008
Application Security Development Lifecycle 3: Funding Models
Now that you've decided (or battled) to set up an application security program you realize that it...
Author: ACE Team Date: 05/08/2008
Front Range web application security summit in Denver
I will be speaking at the Front Range OWASP Conference (FROCo8) in Denver on June 10th. The focus of...
Author: ACE Team Date: 05/04/2008
Application Security Governance 2: Mandatory or Not?
Large enterprises tend to have a number of line of business (LOB) applications supporting business...
Author: ACE Team Date: 04/22/2008
IIS7 Admin Pack Offers Built In Performance Analysis Reports
Are you web developer building high traffic web site? Are you performance engineer that lives and...
Author: ACE Team Date: 04/21/2008
Improve .Net Applications Performance Effectively And Efficiently
How to anticipate or better off avoid performance related "surprises" during load and...
Author: ACE Team Date: 03/11/2008
Do You Really Need A Distributed Architecture?
Alik here. Does the question sound rhetoric to you? Do you think the answer is “Yes” by default...
Author: ACE Team Date: 02/14/2008
Generate Your Own Security Code Review Checklist Document Using Outlook 2007
Do you conduct security code reviews? - [Yes/No] Do you want to streamline the process of the...
Author: ACE Team Date: 01/16/2008
XSSDetect FAQ
Hi! This is Hassan Khan. As promissed, here the FAQs on XSSDetect: Q. What is XSSDetect?A. XSSDetect...
Author: ACE Team Date: 12/11/2007
Operation has timed out from class library in COM+
In a recent MS internal performance gig we encountered an interesting issue with the maxconnection...
Author: ACE Team Date: 11/06/2007
XSSDETECT: Analyzing Large Applications
XSSDetect is a static binary analysis tool. In the first step of analysis it reads target binaries...
Author: ACE Team Date: 10/24/2007
Update: Some details on how XSSDetect does dataflow analysis
Just a brief update, Hassan Khan one of the lead developers of XSSDetect and part of our ACE...
Author: ACE Team Date: 10/24/2007
XSSDetect Public Beta now Available!
One of the biggest, constant problems we've seen our enterprise customers deal with and we here at...
Author: ACE Team Date: 10/22/2007
ASP.NET ValidateRequest does not mitigate XSS completely
From Eugene Siu's blog:...
Author: ACE Team Date: 10/19/2007
Given enough eyeballs all bugs are shallow: True or False?
From Eugene Siu's blog:...
Author: ACE Team Date: 10/11/2007
System.URI.AbsolutePath Vs Phishing Attack
From Eugene Siu's blog:...
Author: ACE Team Date: 10/10/2007
Web Service Security Guidance
From Eugene Siu's blog...
Author: ACE Team Date: 10/10/2007
Mark Curphey joins Microsoft's ACE Team
Mark joined ACE as of Oct. 1st and we're very glad to have him aboard! The following is a note from...
Author: ACE Team Date: 10/08/2007
More eyeballs for .Net Framework code
From Eugene Siu's blog Microsoft will open up source code of .Net Framework to the public. It allows...
Author: ACE Team Date: 10/04/2007
Silverlight security MSDN magazine article
I have submitted an article proposal to MSDN to write about Silverlight security with my buddy in...
Author: ACE Team Date: 09/21/2007
Just learned how to cross-post via MetaWeblog API
I work for ACE team, and want to cross-post from https://blogs.msdn.com/esiu to...
Author: ACE Team Date: 09/20/2007
ASP.NET File Upload: How to prevent network clogging
Denial of service is one of the threats that you need to consider while implementing file upload...
Author: ACE Team Date: 09/19/2007
AES Vs. 3DES block ciphers
Hi, I am Babur Butter and I am with the ACE Team. Advance Encryption Standard (AES) and Triple DES...
Author: ACE Team Date: 09/07/2007
Application Security Guidance - User and Password Management
Keeping the theme from last post, let us dig into how system designers can take advantage of simple...
Author: ACE Team Date: 08/16/2007
Threat Modeling – Sanity Check List
Hi, I am Sagar Joshi and I work with the ACE Services Team. There is a lot of awareness building...
Author: ACE Team Date: 05/01/2007
Application Security Guidance - Session Management
Hi, I am Ashish Popli and I work with the ACE Services Team. There is a lot of security review...
Author: ACE Team Date: 02/23/2007
S E C U R E Acrostic
Seamless The more integration work that has to be done to get a component to work, the more...
Author: ACE Team Date: 02/09/2007
New addition to the ACE Team from India!
Hi there, I am Richard Lewis and am privileged to be part of the ACE Team at Microsoft. I am with...
Author: ACE Team Date: 01/25/2007
Microsoft Anti-Cross Site Scripting Library V1.5 is Released!
Hello, I wanted to announce that today the ACE and the ASP.NET team released V1.5 of the Anti-Cross...
Author: ACE Team Date: 11/20/2006
ACE's interview with Scoble on Channel 9 - part II & III now up
Hey Folks, part II and III of the Channel 9 interviews are up! You can check out part II here and...
Author: ACE Team Date: 10/29/2006
ACE Team's interview with Scoble on Channel 9 - pt 1
Well its been a while, but ACE's first video has hit Channel 9 today. If you'd like to see some of...
Author: ACE Team Date: 10/24/2006
ACE Services Drops Case Study Flick on Security Development Lifecycle for IT
Hello everyone, my name is Anmol Malhotra and I’m a Security Technologist with ACE [Application...
Author: ACE Team Date: 09/14/2006
Considering the performance impact of your test data source
Most automated tests require some form of data to be used within the tests. These are your test data...
Author: ACE Team Date: 07/17/2006