Using the Code Analysis Tool (CAT.NET 2.0) to Identify Security Vulnerabilities
- Posted: Feb 25, 2010 at 12:18 AM
- 8,301 Views
- 4 Comments
Download
How do I download the videos?
- To download, right click the file type you would like and pick “Save target as…” or “Save link as…”
Why should I download videos from Channel9?
- It's an easy way to save the videos you like locally.
- You can save the videos in order to watch them offline.
- If all you want is to hear the audio, you can download the MP3!
Which version should I choose?
- If you want to view the video on your PC, Xbox or Media Center, download the High Quality WMV file (this is the highest quality version we have available).
- If you'd like a lower bitrate version, to reduce the download time or cost, then choose the Medium Quality WMV file.
- If you have a Zune, WP7, iPhone, iPad, or iPod device, choose the low or medium MP4 file.
- If you just want to hear the audio of the video, choose the MP3 file.
Right click “Save as…”
- High Quality WMV (PC, Xbox, MCE)
- MP3 (Audio only)
- MP4 (iPod, Zune HD)
- WMV (WMV Video)
Anil Revuru (RV) from Microsoft Information Security, gives a demonstration of the new version of CAT.NET (Code Analysis Tool for .NET) version 2.0. It is a static analysis tool that uses the Phoenix Compiler and its data flow graph.
Anil walks us through the dataflow rules and how it uses the source sink analysis to determine if there is a vulnerability or not. He also explains how the configuration analysis works and walks through the rules where insecure conditions exist. The demo
of the tool shows how the vulnerabilities are detected and how to interpret the results.
To learn more about this application, stay up to date on the latest news by following the Security Tools Team blog.
Watch related webcast
Download: CAT.NET 2.0
Comments Closed
Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation,
please create a new thread in our Forums,
or
Contact Us and let us know.
Follow the Discussion
At last some Phoenix news ("by proxy"). Downloading...
Can anyone advise where the download for this has gone? The link through to Microsoft Connect is returning 404.
So still noone fixed the download?
Maybe this CAT should run on this blog site to see where links are broken
We were supposed to exit out of the beta with RTM released on MS.COM download center, but we faced some design challenges for external release. You can read more about our efforts on external release at http://blogs.msdn.com/b/securitytools/archive/2010/06/30/cat-net-v2-0-update.aspx.
Remove this comment
Remove this thread
close