It is often said that the price of security is constant vigilance. Despite your best dedication to security during the design and development of your application, you should assume that security flaws will arise after deployment. By auditing your application and analyzing event logs, you may discover some previously hidden flaws.
In addition, not only must you remain vigilant about your own application, you must also keep current on security threats and flaws for the platform on which your application runs and for other products on which your application depends.
- HOW TO: Monitor for Unauthorized User Access in Windows 2000 (Q300958) (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q300958)
Describes how to monitor your system for unauthorized user access.
- Microsoft Security Bulletin Search (http://www.microsoft.com/technet/security/current.aspx)
This page makes it easy to find previously released bulletins. Intended for IT professionals, security bulletins provide detailed information regarding security updates.
- Windows Server 2003 Security Guide (http://www.microsoft.com/technet/security/prodtech/win2003/w2003hg/sgch00.mspx)
Delivers the guidance necessary for IT Professionals to securely operate a Windows Server 2003 environment while ensuring the right access to the right content by the right people.
- Enterprise Security Strategies: Best Practices (http://www.microsoft.com/technet/Security/bestprac/bpent/sec1/secstrat.mspx)
A collection of whitepapers focusing on the different aspects of security in enterprise networks.
- Microsoft Baseline Security Analyzer (http://www.microsoft.com/technet/security/tools/mbsahome.mspx)
The Microsoft Baseline Security Analyzer (MBSA) is a tool that enables an individual home user, a corporate user, or an administrator to scan one or more Windows-based computers for common security configuration mistakes.