Using Web Application Configuration Analyzer (WACA) - CTP Version

Anil Revuru (RV), from Microsoft Information Security, walks us through a configuration verification tool that will be part of a suite of tools that will help you assess your code as well as protect it. For more info watch the Assessment & Protection (A&P) Suite video.

WACA is designed to scan your development environment against best practices for .NET security configuration, IIS settings, SQL Server Security best practices and some Windows permission settings. It is helpful for verifying your configuration while unit testing and ensuring there are no issues when the application is in production.

The CTP (Community Technology Preview) for this tool is available in Microsoft Connect – Information Security Tools.

Read CTP announcement and follow the Security Tools Team blog.