It is often said that the price of security is constant vigilance. Despite your best dedication to security during the design and development of your application, you should assume that security flaws will arise after deployment. By auditing your application and analyzing event logs, you may discover some previously hidden flaws.
In addition, not only must you remain vigilant about your own application, you must also keep current on security threats and flaws for the platform on which your application runs and for other products on which your application depends.
- Staying Secure
- Discusses the need for vigilance after deploying an application.
- HOW TO: Monitor for Unauthorized User Access in Windows 2000 (Q300958) (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q300958)
- Describes how to monitor your system for unauthorized user access.
- Microsoft Hotfix and Security Bulletin Service (http://www.microsoft.com/technet/security/current.asp)
- This page makes it easy to find previously released bulletins. Intended for IT professionals, security bulletins provide detailed information regarding security updates.
- Security Operations Guide for Windows 2000 Server (http://www.microsoft.com/TechNet/security/prodtech/windows/windows2000/staysecure)
- Delivers the guidance necessary for IT Professionals to securely operate a Windows 2000 environment while ensuring the right access to the right content by the right people.
- Best Practices for Enterprise Security (http://www.microsoft.com/technet/security/bestprac/bpent/bpentsec.asp)
- A collection of whitepapers focusing on the different aspects of security in enterprise networks.
- Baseline Security Analyzer (http://www.microsoft.com/technet/security/tools/tools/mbsawp.asp)
- The Microsoft Baseline Security Analyzer (MBSA) is a tool that enables an individual home user, a corporate user, or an administrator to scan one or more Windows-based computers for common security configuration mistakes.