Anti-XSS Library v3.1: Find, Fix, and Verify Errors
Play Enhanced Web Protection Library
Description
Anil Revuru (RV), from Microsoft Information Security, introduces the expansion of what used to be the Anti-XSS Library. But web vulnerabilities are not only around Cross-Site Scripting (XSS) attacks. This enhanced version of the library will introduce mitigation to other attacks like:
- SQL Injection
- Cross-Site Request Forgery (CSRF)
- Setting Enforcement like SSL & HTTP_ONLY cookies
- Security Runtime Engine for SQL Injection & XSS
- Among others
The CTP (Community Technology Preview) is available in
Microsoft Connect – Information Security Tools.
Read CTP announcement and follow the Security
Tools Team blog.
Download
Right click or Alt+Enter to download this episode
- High Quality WMV (108.3 MB)
- MP3 (7.1 MB)
- Low Quality MP4 (119.2 MB)
- WMV (161.2 MB)
rss
The Discussion
More episodes in this series
Web Application Configuration Analyzer (WACA)
Related episodes
Using the Web Protection Library (WPL) - CTP Version
Assessment and Protection Suite
Anti-XSS Library v3.1: Find, Fix, and Verify Errors
Anti-XSS 3.0 Released
Using Web Application Configuration Analyzer (WACA) - CTP Version
Web Application Configuration Analyzer (WACA)
Connected Information Security Framework: Core Components
CISF: Build Custom Security Solutions
Using the Code Analysis Tool (CAT.NET 2.0) to Identify Security Vulnerabilities
Technical Preview for CAT.NET 2.0
