[SC-L] Spot the bug

2005-07-19 Thread Mark Curphey
If you fancy yourself as a good code reviewer you can play spot the bug at MSDN. They will be getting harder! http://msdn.microsoft.com/security/

[SC-L] RE: Glossary of Terms

2005-07-17 Thread Mark Curphey
I like the second idea a lot. Thanks. I actually don't want to be web application specific. I think what I will do is create a matrix, map the current terms in existing standards (RFC 2828, NIST etc) and then I can reference the term back to the official document in a central place. Argh, blue skies

[SC-L] Glossary of Terms

2005-07-15 Thread Mark Curphey
For a long time I have wanted to be able to point to a common set of definitions for security terms (not the usual BS marketing / Hax0r terms) that I can use and adopt in technical and non-technical writing. Things like the OWASP Top Ten re-write. So I created one using a Wiki so people can add,

Re: [SC-L] Any software security news from the RSA conference?

2004-02-26 Thread Mark Curphey
I thought this was interesting. I missed it but I am sure the message will please many on this list (myself included). Bill Cheswick <[EMAIL PROTECTED]> wrote: > Bill Gates gave a keynote on their current approach to security, and > the contents of SP2, due out 1H 2004. From what I heard, Bi

Re: [SC-L] Any software security news from the RSA conference?

2004-02-26 Thread Mark Curphey
steps that were not in the documentation". However, he said the documentation didn't make it clear how to secure his network: "The industry needs to make it easy for users like me -- who are reasonably technically competent -- to employ solid security features and not make it so tempti