I think I am going to rename this blog “Stuff that doesn’t fit into 140 chars” (stolen from Chris Anderson). I am mainly posting on Twitter these days; you can follow me here: www.twitter.com/curphey. I am not sure how I missed this absolute gem of a blog post but I did. It’s a great [...]
Archive for the ‘Software Security’ category
Gem of a Security Post
June 15, 2009
SDL in Visual Studio Team System
May 19, 2009
….has arrived. Full details here.
Beautiful Security
May 11, 2009
I have just got a few copies of Beautiful Security through the mail. Always nice to see your name on the cover of a book and your work in print. http://oreilly.com/catalog/9780596527488/
Series of Static Analysis Posts
December 22, 2008
If you haven’t downloaded it here (or here if you run 64 bit) and run it against your .NET code you probably should. To support the CTP release of CAT.NET Andreas Fuchsberger (developer on CISG) and Ben Livshits (Microsoft Research) will be posting a series of blogs over the next few weeks about the work [...]
CAT.NET and Anti-XSS 3.0 Released for Free
December 15, 2008
We have just released a free static analysis tool for .NET and the open source Anti-XSS 3.0 library (complete with Security Run-Time Engine). http://blogs.msdn.com/cisg/archive/2008/12/15/anti-xss-3-0-beta-and-cat-net-community-technology-preview-now-live.aspx
Security Runtime Engine
October 24, 2008
Today we posted some preview details about a .NET security runtime engine we have been working on that overloads encoding methods in the .NET framework. It’s pretty cool, running at near native speed! http://blogs.msdn.com/cisg
Consumer Application Security or Enterprise Application Security ?
October 21, 2008
When Linus Torvalds wrote about the security circus he echoed a lot of the sentiment I have felt for a while; when it comes to software security, people care about the wrong things for the wrong reasons. The sensationalism that follows the release of security bugs is of course understandable. The popular press want to [...]

Farewell Security Buddha – Hello Curphey 2.0
March 5, 2010
I openly admit I had a mis-spent youth. I was expelled from school and then went on a rampage of sex, drugs, booze and rock and roll for the best part of a decade. I lived hand to mouth and did everything from stacking yogurts in a yogurt factory (working nights), selling houses, working behind [...]
Categories: Beautiful Security, Careers, Getting Things Done, Long Tail Security, Microsoft, OWASP, Productivity, Security Blogs, Security Book Reviews, Security Bullshit, Security Industry, Software Development, Software Security, Speaking, Technology Commentary, Travel, UX, Working at Microsoft, information security, open source