Export (0) Print
Expand All

Related Security Resources

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

J.D. Meier, Alex Mackman, Srinath Vasireddy, Michael Dunner, Ray Escamilla and Anandha Murukan

Microsoft Corporation

Published: June 2003

See the "patterns & practices Security Guidance for Applications Index" for links to additional security resources.

See the Landing Page for the starting point and a complete overview of Improving Web Application Security: Threats and Countermeasures.

Contents

Related Microsoft patterns & practices GuidanceSecurity-Related Web SitesMicrosoft Security Services
Partners and Service ProvidersCommunities and NewsgroupsPatches and UpdatesService PacksAlerts and NotificationAdditional Resources

Related Microsoft patterns & practices Guidance

More Information

For more information on patterns and practices, refer to the Microsoft patterns & practices home page at http://msdn.microsoft.com/practices

Security-Related Web Sites

Microsoft Security-Related Web Sites

Third-Party, Security-Related Web Sites

Microsoft Security Services

  • Awareness and educational services
    • Enterprise Security Strategy Seminar
    • Securing the Enterprise Platforms Workshop
  • Security assessment services
    • Vulnerability assessment
  • Security solutions services
    • Security design reviews
    • Incident response service

For information on these services, contact Microsoft Consulting Services:

For free support on virus issues:

Partners and Service Providers

Communities and Newsgroups

Newsgroup Home Pages

For security issues within specific .NET Framework technologies, refer to the appropriate newsgroup:

Patches and Updates

Service Packs

Alerts and Notification

Microsoft Security Notification Services

Third Party Security Notification Services

  • CERT Mailing Lists at http://www.cert.org/other_sources/usenet.html

    Informative advisories are sent when vulnerabilities are reported.

  • Windows and .NET Magazine Security UPDATE at [Content link no longer available, original URL:"http://email.winnetmag.com/winnetmag/winnetmag_prefctr.asp#Security"]

    This announces the latest security breaches and corresponding fixes. It also gives advice on reacting to vulnerabilities.

  • NTBugtraq at http://www.ntbugtraq.com/default.aspx.

    This is an open discussion of Windows security bugs and exploits. Vulnerablities that do not have patches are discussed.

  • Internet Storm Center at http://isc.sans.org/
  • This site tracks the frequency of worms, denial of service attacks, as well as other kinds of attacks.
  • Security Focus Web site at http://www.securityfocus.com/

Additional Resources

Checklists and Assessment Guidelines

Common Criteria

  • Windows 2000 Common Criteria Guide at http://technet.microsoft.com/en-us/library/cc723510.aspx

    The Windows 2000 Common Criteria Security Target (ST) provides a set of security requirements taken from the Common Criteria (CC) for Information Technology Security Evaluation. The Windows 2000 product was evaluated against the Windows 2000 ST and satisfies the ST requirements.

    This document is written for those who are responsible for ensuring that the installation and configuration process results in a secure configuration. A secure configuration is one that enforces the requirements presented in the Windows 2000 ST, referred to as the Evaluated Configuration.

Reference Hub

Security Knowledge in Practice

  • CERT Security Improvement Modules at [Content link no longer available, original URL:"http://www.cert.org/security-improvement/skip.html"]

Vulnerabilities

World Wide Web Security FAQ

Retired Content

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Show:
© 2014 Microsoft