Category Archives: Microsoft

What’s the point of reporting 0day?

Posted on June 17, 2013 by Simon Roses

In the last weeks the news related to PRISM has not stopped since leaked by Edward Snowden, who worked for Booz Allen Hamilton, a defense contractor for the NSA. One interesting outcome of these leaks is the NSA access to … Continue reading →

Posted in Business, Microsoft, Pentest, Security, Technology | Tagged 0Day, Application Security, attack vector, Computer Network Operations (CNO), Cyber Wars, exploit, Google, Information Security, Information Warfare, Intelligence, Software Security | Leave a comment

AppSec: Security Code Review Process

Posted on November 8, 2011 by Simon Roses

[Español] En mi trabajo paso la mayor parte del tiempo auditando código y he pensado que sería interesante para el lector contar un poco nuestro proceso y de paso ver cómo lo hacen los demás. [English] I spend most of … Continue reading →

Posted in Microsoft, OWASP, Pentest, SDL, Security, Technology | Tagged Application Security, Information Security, Microsoft, SDL, Software Security | Leave a comment

AppSec: Static Analysis Using Visual Studio 2010 for Hunting C/C++ Bugs

Posted on September 14, 2011 by Simon Roses

[Español] Para este artículo hablaremos de una magnífica herramienta como es Visual Studio 2010, el entorno de desarrollo de Microsoft, que utilizo a diario para realizar auditorías de código en C/C++ o .NET. Cuando imparto clases sobre SDL es frecuente … Continue reading →

Posted in Microsoft, Pentest, SDL, Security, Threat Modeling | Tagged Application Security, Code Review, Information Security, Microsoft, Penetration Testing, SDL, Software Security, Static Analysis, Visual Studio | 1 Comment

Category Archives: Microsoft

What’s the point of reporting 0day?

AppSec: Security Code Review Process

AppSec: Static Analysis Using Visual Studio 2010 for Hunting C/C++ Bugs

Archives

Meta

Languages

My Speaking Events

Search www.simonroses.com

Categories

Blogroll