Many also wanted links to the tools I mentioned during the presentation. Here is a list of those tools:
- SDL Process Guidance 4.1a (includes SDL-Agile towards the bottom of the document
- CAT.NET v2, Web Protection Library (Includes Anti-XSS Library and Security Runtime Engine), and the Web Application Configuration Analyzer
- web.config security analyzer
- Microsoft FxCop 1.36
- Microsoft Code Analysis Tool .NET (CAT.NET) v1 CTP - 32 bit (Old version of CAT.NET)
- Microsoft Code Analysis Tool .NET (CAT.NET) v1 CTP - 64 bit (Old version of CAT.NET)
- BinScope Binary Analyzer
- MiniFuzz File Fuzzer
- MSF-Agile plus Security Development Lifecycle Process Template for VSTS 2008
- Microsoft SDL Process Template For Visual Studio Team System
- Microsoft SDL Threat Modeling Tool
Please feel free to email me with any questions or comments about the presentation.