Sign In

Subscribe

Anti-XSS Library v3.1: Find, Fix, and Verify Errors

Posted By: Jossie Tirado | Sep 23rd @ 10:20 AM | 2,784 Views | 4 Comments

Anil Revuru (RV) from Microsoft Information Security, gives a demonstration of the new features on the Anti-XSS Library v3.1 including HTML Sanitization which provides new methods to the Anti-XSS class to strip malicious characters or scripts off of HTML and returns safe HTML.

He talks about:

What is Cross-Site Scripting Attack (XSS)
How to detect Cross Site Scripting Vulnerabilities
Introduction of Anti-XSS Library
What’s new in Anti-XSS Library 3.1
Anti-XSS 3.1 demo
Security Runtime Engine (SRE)
SRE Demo

To learn more about this application and stay up to date on the latest news, read the following blogs from Information Security and previous posts from the Security Tools Team blog.

Overview of the Anti-XSS Library
Download: Microsoft Anti-Cross Site Scripting Library v3.1

Tags: ace, ace team, antixss, information security, infosec, ist, Security, Tools

Media Downloads:

Rating:

0

0

Tavis

I get an error message when I tried to play the video:

Media Failure. Try reloading the page or visiting the main site for assistance.

I tried reloading the page without success.

Jossie

In reply to Tavis

#Nov 10th @ 6:30 AM

Hi Tavis, try playing the video now. Usually it is not the video but the site. When you see that message come back to the video later and it tends to be fixed. It worked for me now. Let me know!

SrinivasG

Thanks for the demo.. This is really very informative..

ramaraju.r

Thanks a lot! Very informative.

WindowsClient: codeplex.com/testapi v 0.4 available
ASP.NET: ASP.NET 4.0 ScriptManager Improvements
WindowsClient: XAML Toolkit CTP = FxCopXaml + XamlDom + System.Xaml.dll support for Silverlight XAML
Channel 9: Fishbowl for Facebook
WindowsClient: Free Embeddable Fonts for your WPF Applications
ASP.NET: Program Manager Position on the ASP.NET PM team
Channel 10: Microsoft Teams Up with Nielsen
Channel 10: What Azure Looks Like
ASP.NET: Orchard team looking for a new developer
Channel 10: Student Discount on Office 2008 for Mac Now Available
WindowsClient: Surface SDK 1.0 SP1 supports XNA Game Studio 3.0 and later
WindowsClient: TestAPI 0.4 Released
Channel 9: Using the SharePoint Business Data Connectivity Designer in VS 2010
Channel 9: 10-4 Episode 36: Windows Server AppFabric and Workflow Services Lab
WindowsClient: New WPF Features: DatePicker\Calendar\VSM\Datagrid
Channel 9: Corrinne Yu: Principal Engine Architect, Halo Team Microsoft
TechNet Edge: IT Pro Momentum y Evidencias
Channel 10: Xbox Goes Social with Facebook, Twitter, and Zune Integration
ASP.NET: Enabling the ASP.NET Ajax script loader for your own scripts
ASP.NET: Building High Performance Web Applications
close

Microsoft Communities