Michael Howard's trustworthy computing lessons

Blog:tech
My Security Planet
FuckTheSpam!
Projects
Grabber
PHP-Ast/Oracle
Resume

Last comments

Oh please stop it with these ridiculous CAPTCHAs! - a
Oh please stop it with these ridiculous CAPTCHAs! - ta
Oh please stop it with these ridiculous CAPTCHAs! - Technology Hacker
Oh please stop it with these ridiculous CAPTCHAs! - Romain
Oh please stop it with these ridiculous CAPTCHAs! - emerose
Oh please stop it with these ridiculous CAPTCHAs! - Andre gironda
Attack Surface oriented Crawler: Focusing on what you actually want - rekiso@Demon.Deacons.com
Search engine keywords extraction - artı Ajans
Acunetix is releasing a free XSS scanner - Danny
Code review tools: the missing link (so far) - romain
Code review tools: the missing link (so far) - BEN
SATE ready to go + weaknesses walker + Shmoo + 100 - romain
SATE ready to go + weaknesses walker + Shmoo + 100 - Marcin
SATE ready to go + weaknesses walker + Shmoo + 100 - romain
SATE ready to go + weaknesses walker + Shmoo + 100 - Marcin
NIST Static Analysis Tool Exposition: No, this is not a competition! - andre gironda
How come I didn't know this resource!! - dre
PHP Source Code Analyzer - dre
IE6 And IE7 don't have compatible CSS tricks - Woody
Interoperability and web application scanners - romain

Last entries

My talk at SAW: Automated Evaluation of source code analyzer output
ph34r the script kiddies: Whitehouse.org
Yet another study on code quality: A Tale of Four Kernels
Static Analysis Tool Exposition is over
Oh please stop it with these ridiculous CAPTCHAs!
Accelerate the convergence to the bug: Running the test in 16-bit
Scaling MySQL db
MySQL table/field names
Untrusted websites passwords
NIST SATE step 3 completed: test cases information release
Code review: facilitate the SCA output analysis
OWASP France Chapter & OWASP Top Ten 2007 French
Code review tools: the missing link (so far)
SATE ready to go + weaknesses walker + Shmoo + 100
NIST Static Analysis Tool Exposition: No, this is not a competition!
Talk: Problems and solutions for testing web application security scanners
Definition parsing: first step done
Search engine keywords extraction
How come I didn't know this resource!!
Protection against spam bot | fuckthespam.com
PHP Source Code Analyzer
Leaving for Hawaii, HICSS conference
[WASC] Release of Script Mapping Project
"My Security Planet"
Attack Surface oriented Crawler: Focusing on what you actually want
Static Analysis Framework: PHP-Ast/Oracle
Yet another study oriented release
The new grabber
Interoperability and web application scanners
My talk at the Verify Conference
IE6 And IE7 don't have compatible CSS tricks
Stuck at data-flow? Do box-modeling!
Michael Howard's trustworthy computing lessons
Working around security metrics...
Acunetix is releasing a free XSS scanner
Source Code Obfuscation
I now understand why it's difficult!
Web App Security Scanner Evaluation Criteria
Comments problems
Anti-CSRF and static pages

Blog:tech

This is a simple blog about my work, my thoughts and so on. I am mostly writing about security, web, technologies... but I am also interested in data-mining, graph theory and compilers.

Contact:

By Romain Tuesday, October 16 2007 - 10:26 UTC - Information - Permalink

I'm not usually posting news about article, blog entries etc. But this one is actually a very good one. Michael Howard is actually sharing his 5 years experience about secure code.

Here is the article: http://msdn.microsoft.com/msdnmag/issues/07/11/Lessons/

Comments

This post's comments feed

Last comments

Last entries

Blog:tech

Tags

Categories

Links

Web Security

General Sec.

Other

Michael Howard's trustworthy computing lessons

Comments

Add a comment