Dan Sellers's WebLog
A Passion for .NET Security
Today is my last day at Microsoft. I wanted to thank everyone for joining me in my Security talks...
Date: 10/18/2006
I would recommend that you share this post on the https://blogs.msdn.com/S4CD with anyone that...
Date: 09/20/2006
The ASP.NET User Principal (HTTPContext.User) clearly depends upon the Authentication Mechanism that...
Date: 08/25/2006
The one area that many developers do not have good grasp at is how Authentication tokens from IIS...
Date: 08/24/2006
Wow, it has been a while since I did my last blog post. It may look like I disappeared but I am...
Date: 08/23/2006
With the ever increasing regulatory requirements for organizations, many of the applications we...
Date: 03/27/2006
The on-demand Webcast of SQL Server 2005 for Developers, conducted on March 22, 2006, by Rob...
Date: 03/24/2006
At MIX06, it was announced that the "Atlas" March CTP is now available and it has a Go Live license...
Date: 03/22/2006
In my latest Webcast on SQL Server 2005 Security one of the questions that came up was: “If some...
Date: 03/22/2006
This morning was a jammed filled session covering off a lot of changes made to Microsoft SQL Server...
Date: 03/22/2006
Earlier this week, MSDN Canada announced the realDEVELOPMENT_06 tour. realDEVELOPMENT_06 will...
Date: 03/22/2006
Recently, Microsoft released the latest update to Anti-Cross Site Scripting tool which is part of a...
Date: 03/19/2006
The on-demand version of the Visual Studio 2005 and Code Scanning Tools, conducted on March 15,...
Date: 03/16/2006
You may not have heard it here first, but Rick LaPlante announced today, at SDWest 2006, that...
Date: 03/16/2006
The Beta Experience is the new testing platform with tailor-made information for Microsoft...
Date: 03/15/2006
This year I will be speaking at VSLive in Toronto. VSLive will be held at the Toronto Congress...
Date: 03/15/2006
Back in December 2005 Microsoft created a series on the top ten things to do to make your...
Date: 03/14/2006
After last week WebCast--in which I talked about the new System.Security.SecureString class as well...
Date: 03/14/2006
To minimize the threat of Cross Site scripting attacks ASP.NET 1.1 introduced the...
Date: 03/13/2006
In my last Webcast on Least Privilege I eluded to the fact that this was going to change with the...
Date: 03/10/2006
I thought I would share Michael Howard's recent blog on "Security Analogies are Wrong". I agree with...
Date: 03/10/2006
The latest Webcast "Least Privilege Development and New System.Security Features" which is part two...
Date: 03/10/2006
Today Microsoft released Beta 2 of the second version of the Threat Modeling and Analysis Tool for...
Date: 03/10/2006
The answer to the trivial question from my blog based upon the March 8, 2006 WebCasts “Least...
Date: 03/09/2006
Here is another cool trick for running under Non Admin that was shared to me be by Aaron and works...
Date: 03/09/2006
In today’s Webcast we first started off with a continuation from last week. Last week we explored...
Date: 03/08/2006
In a recent post I mentioned that Microsoft released a new Anti-Cross Site Scripting Tool. However,...
Date: 03/07/2006
Recently I was pinged by a colleague in the security field and he asked me a question on why the...
Date: 03/07/2006
Last Wednesday--March 1, 2006--I delivered part one of my five part WebCasts' series on the new...
Date: 03/06/2006
This Wednesday--March 8, 2006--I will be doing part two of my part 5 Webcasts on some of the tools...
Date: 03/06/2006
Our forth episode #4 of plumbers at work is now online for listening pleasure. Show Notes...
Date: 03/06/2006
I have come to know and respect Dana Epp for over 3 years now. The one thing I can say about Dana is...
Date: 03/03/2006
When it comes to validating input regular expression becomes a very important part of your security...
Date: 03/03/2006
On Wednesday March 1, 2006 I conducted part one of a five part series titled “Security on the...
Date: 03/02/2006
The ASP.NET 2.0 and security team has released excellent training modules on APS.NET 2.0 security,...
Date: 02/27/2006
I just finished creating a web site that receives RSS feeds by using the ASP.NET 2.0 toolkit created...
Date: 02/27/2006
The Code Room is online ½ hour TV show focusing on developers and the programming challenges that...
Date: 02/26/2006
Microsoft just released a new Anti-XSS tool that works with .NET Framework 1.0, 1.1 and 2.0. Anytime...
Date: 02/23/2006
Wow! We currently have 1800 people registered for Security on the Brain Webcasts. There is still...
Date: 02/23/2006
One of the themes discussed at RSA 2006 was Secure Software. Secure software is up to businesses and...
Date: 02/23/2006
The February CTP for Windows Vista, Windows SDK (and WinFX) and Orcas technologies such as Cider...
Date: 02/23/2006
As I mentioned in my last blog entry I think Code Snippets is one my favorite features in Visual...
Date: 02/22/2006
I would have to rank Code Snippets as one of my favorite features added to Visual Studio 2005. But...
Date: 02/22/2006
If you have been using Visual Studio 2005 at least once you will have probably noticed that the...
Date: 02/22/2006
When I recently installed only the v2.0 .NET redist package, I noticed that the .NET Configuration...
Date: 02/22/2006
If you are writing Services for Windows then you need to read the just released Microsoft Knowledge...
Date: 02/22/2006
The ASP.NET team created some high quality video series on ASP.NET 2.0 – the How Do I video series....
Date: 02/21/2006
The OASIS group has officially approved WS-Security v1.1 as a standard. Check out the official...
Date: 02/19/2006
I think by now we all know that all data input from a Web UI should be considered evil until...
Date: 02/16/2006