Thursday, September 17, 2009

Security Development Lifecycle Tools from Microsoft

Microsoft has released two additional tools to supplement secure development life cycle (SDLC) tools portfolio which includes well known AntiXSS, FxCop and Cat.NET.
The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to verify that required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place.
MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected application behaviors.
Both tools (and others) are available to download for free from the Microsoft Security Development Life cycle Tools Repository.

No comments:

Post a Comment