Anil Revuru (RV) and Mark Curphey, from Microsoft Information Security, introduce what would be in the future a suite of tools that will help you assess your code as well as protect it. This is called the Assessment & Protection (A&P) Suite and it includes the following tools:
- Web Protection Library (WPL) – which includes Anti-XSS, SRE, mitigation of SQL Injection, CSRF among others
- Web Application Configuration Analyzer (WACA)
- and room for more future add-ons
The CTP (Community Technology Preview) for these tools are available in
Microsoft Connect – Information Security Tools. These are currently individual as they shift to one-install.
Read CTP announcement and follow the Security Tools Team blog.