securityengineering | Channel 9

Sign In

Subscribe

patterns & practices Security Engineering

Approach

patterns & practices Security Engineering includes specific security related activities.
http://channel9.msdn.com/wiki/images/SecurityEngineering.gif

These include identifying security objectives, creating threat models, applying secure design guidelines, patterns and principles, conducting architecture and design reviews for security, performing regular code reviews for security, testing for security, and conducting deployment reviews to ensure secure configuration.
For more info, see SecurityEngineeringOverview

Threat Modeling

* ThreatModeling

Design Guidelines

* WebAppSecurityDesignGuidelines

Arch/Design Review

* WebAppSecurityArchDesignReview

Testing

* SecurityTesting

Code Review

* ManagedCodeSecurityCodeReview
* ADONETSecurityCodeReview
* ASPNETSecurityCodeReview
* BufferOverflowsSecurityCodeReview
* CASSecurityCodeReview
* CrossSiteScriptingSecurityCodeReview
* EntServicesSecurityCodeReview
* RemotingSecurityCodeReview
* SQLInjectionSecurityCodeReview
* UnmanagedCodeSecurityCodeReview
* WebServicesSecurityCodeReview

Deployment Review

* ASPNETSecurityDeploymentReview
* IIS5SecurityDeploymentReview
* NetworkSecurityDeplomentReview
* SQL2000SecurityDeploymentReview

Checklists

* ADONETSecurityChecklist
* ArchAndDesignSecurityChecklist
* ASPNETSecurityChecklist
* CLRSecurityChecklist
* EnterpriseServicesSecurityChecklist
* IIS5SecurityChecklist
* NetworkSecurityChecklist
* RemotingSecurityChecklist
* SQL2000SecurityChecklist
* WebServicesSecurityChecklist

Return to PatternsAndPracticesSecurityWiki

- History
  
  Modified By: System
  
  Apr 30th, 2008 @ 10:45 AM
  
  Views (104)
- Share
  - Del.icio.us
  - Digg
  - FriendFeed
  - Facebook
Markup Quick Guide

*bold*

_italics_

+underline+

! Heading 1

!! Heading 2

* Bullet List

** Bullet List 2

# Number List

## Number List 2

[another wiki page]

[url:http://www.example.com]

[image:example.gif]

{"Do not apply formatting"}

Channel 9: TWC9: Channel 9 Goes Live, Zune, detecting memory leaks, Life at MSFT
WindowsClient: Several WPF Localization questions
WindowsClient: Several WPF Localization questions
ASP.NET: http://silverlight.net/riaservices/ is Live!
Silverlight: Commitments
Silverlight: Commitments
Silverlight: Subscribe to 62 Silverlight Twitter’ers.
WindowsClient: XAML for WinMo6.5?
ASP.NET: Neat VS10 Feature: Pinning A Debugger Watch
Mix Online: When Projects Fall Apart
Channel 9: Microsoft Security Development Lifecycle (SDL) and Software Security Today
Silverlight: Designer v Xaml v Code
Channel 9: Windows Identity Foundation RC is here!
Mix Online: Calculating Risk
Channel 10: Adding Flip 3D to Windows 7's Taskbar
Channel 10: Workshare Releases New Tool for Comparing PowerPoint Presentations
Channel 10: Windows 7 Market Share Climbing Fast
Channel 10: Interview with one of Windows 7's Artists
WindowsClient: New WPF Features: Full Trust Xbap Deployment
ASP.NET: Recap of Oredev and some .net debugging videos
close

Microsoft Communities