Subscribe: Dan Sellers's WebLog
http://blogs.msdn.com/dansellers/rss.aspx
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
atlas  blog  compliance developers  compliance  developers  iis  net  secure code  security  server security  server  sql server  sql  webcast 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Dan Sellers's WebLog

Dan Sellers's WebLog



A Passion for .NET Security



Last Build Date: Fri, 24 Jul 2015 08:16:54 +0000

 



My last Day at Microsoft

Wed, 18 Oct 2006 15:25:00 +0000

Today is my last day at Microsoft.  I wanted to thank everyone for joining me in my Security talks over the last few years. There will no longer be any entries at this blog, but please visit the Security Four Canadian Developers blog as this blog will be continued to be updated with great security...



Security Myth: Only Large Development Teams can Write Secure Code

Wed, 20 Sep 2006 15:49:00 +0000

I would recommend that you share this post on the http://blogs.msdn.com/S4CD with anyone that automatically cite resources as an excuse for not writing secure code.  This  is an extremely well documented example of how a small team can developer secure code and also makes a good point how the smaller business are putting themselves at...



IIS 6.0 and ASP.NET 2.0 Credentials–Part Two

Fri, 25 Aug 2006 00:43:00 +0000

The ASP.NET User Principal (HTTPContext.User) clearly depends upon the Authentication Mechanism that you selected in IIS 6.0 “Authenication Tab” and if you use Integrated Windows Authentication then it is dependant on the IIS impersonation token that get handed off in the extension control block via the ASP.NET 2.0 ISAPI API.   Part two of IIS 6.0 and...



IIS 6.0 and ASP.NET 2.0 Credentials

Thu, 24 Aug 2006 14:34:00 +0000

The one area that many developers do not have good grasp at is how Authentication tokens from IIS 6.0 is passed to ASP.NET 2.0 and how these tokens can subsequently be used for Authorization in an ASP.NET 2.0 Web Application. The one question that arises quite often is when I click on “Integrated Windows Authentication”...



New Security Blog dedicated to Canadian Developers

Wed, 23 Aug 2006 23:47:00 +0000

Wow, it has been a while since I did my last blog post.  It may look like I disappeared but I am still around and was just keeping a low profile for the summer months.  Based upon your feedback I have recently created a new blog, but this time, the blog will be dedicated 100%...



Regulatory Compliance: An Introduction to Compliance for Developers

Mon, 27 Mar 2006 01:14:00 +0000

With the ever increasing regulatory requirements for organizations, many of the applications we write may need to meet certain compliances.  Here is an interesting read for developers:  Regulatory Compliance Demystified: An Introduction to Compliance for Developers



SQL Server 2005 Security for Developers Webcast for on-demand viewing is available

Fri, 24 Mar 2006 02:26:00 +0000

The on-demand Webcast of SQL Server 2005 for Developers, conducted on March 22, 2006, by Rob Walters–Program Manager, SQL Server Security–and I, is now available for on-demand viewing. Post Notes from this Webcast can be found at my blog. Look forward to seeing everyone for next week webcast.



"Atlas" March CTP with Go Live license, now available

Wed, 22 Mar 2006 18:13:00 +0000

At MIX06, it was announced that the “Atlas” March CTP is now available and it has a Go Live license so you can take applications into production.  The atlas team also re-launched the http://atlas.asp.net/ with a new “Atlas” enabled experience, customer profiles, improved “Atlas” documentation and more.    Lastly, MIX06 kicked off the “Mash-it-up with ‘Atlas'”...



Regenerating Keys in SQL Server 2005

Wed, 22 Mar 2006 16:54:00 +0000

In my latest Webcast on SQL Server 2005 Security one of the questions that came up was: “If some fields of your table are encrypted and you are suspicious that the key has been revealed can you re-encrypt all the fields with the regenerated key”?  Currently, there is no easy way to manage a key...



Post Webcast’s Notes: Securing SQL Server 2005 for Developers

Wed, 22 Mar 2006 15:59:00 +0000

This morning was a jammed filled session covering off a lot of changes made to Microsoft SQL Server 2005.  Over the last few weeks we talk exclusively about Front End security issues such as Input trust and the creation of a Development and Design environment to better emulate your production environment.  However, today we switched...