Code Analysis Tool .NET (CAT.NET) Overview > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/157177be-5b61-458c-b13b-09ae2fff5aff] About This Video Code Analysis Tool .NET is a command line tool that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies. CAT.NET also helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection, and XPath Injection. It is used during the Implementation phase of the Microsoft Security Development Lifecycle (SDL). It is available in both 32-bit and 64-bit versions.   Published Date: 2/24/2011 Presented By: Anil Revuru and Georgeo Pulikkathara Downloads Video:WMV | MP4 | WMV (ZIP)

Related Videos SDL Threat Modeling Tool Overview Code Analysis for C/C++ Overview SDL Process Template for Visual Studio Team System Overview Anti-Cross Site Scripting (Anti-XSS) Library Overview SiteLock ATL Template Overview banned.h Header File Overview Related Resources Microsoft Security Development Lifecycle Tools The Implementation Phase of the Microsoft SDL