Anil Revuru (RV), from
Microsoft Information Security, walks us through a configuration verification tool that will be part of a suite of tools that will help you assess your code as well as protect it. For more info watch the
Assessment
& Protection (A&P) Suite video.
WACA is designed to scan your development environment against best practices for .NET security configuration, IIS settings, SQL Server Security best practices and some Windows permission settings. It is helpful for verifying your configuration while unit testing
and ensuring there are no issues when the application is in production.
The CTP (Community Technology Preview) for this tool is available in
Microsoft Connect – Information Security Tools.
Read
CTP announcement and follow the
Security
Tools Team blog.