Becoming a Security Expert
January/February 2008 (vol. 6 no. 1)
pp. 71-73
The author discusses the basic skills a security expert should learn, including design, development, and tester skills, to thwart attackers.
Index Terms:
security, learning about security, Basic Training
Citation:
Michael Howard, "Becoming a Security Expert," IEEE Security and Privacy, vol. 6, no. 1, pp. 71-73, Jan./Feb. 2008, doi:10.1109/MSP.2008.3