ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/reg/register.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    Microsoft introduces Attack Surface Analyser

The Attack Surface Analyser will help users understand how adding applications could impact the security of Microsoft systems.

By Tom Brewster, 19 Jan 2011 at 13:51

Security
Security gallery

Microsoft has launched a testing tool for developers to figure out the security implications of their apps.

The Attack Surface Analyser has been launched in beta form at the Blackhat DC event taking place this week.

It is designed to help developers “identify increases in the attack surface caused by installing applications on a machine,” Microsoft explained in a Secure Development Lifecycle blog post.

“The tool takes snapshots of an organisation's system and compares … these to identify changes,” the company said.

“Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters that affect a computer's attack surface.”

The tool searches for classes of security weaknesses as applications are installed on to a Windows OS.

“The tool also gives an overview of the changes to the system Microsoft considers important to the security of the platform and highlights these in the attack surface report,” the Redmond giant said.

Developers will be pleased to hear Microsoft has made the technology available from now for free.

There has been plenty of debate around app security this week.

Facebook decided to rethink a feature designed to grant developers access to user phone numbers and addresses.

The social network said it wanted to ensure users were only giving away data they wanted.

Sophos suggested Facebook should adopt the “walled garden” approach Apple uses when it comes to allowing apps.

Email to a friend

Print this page

< Previous   Security : News Next >

Office 365: A complete Guide

Be the first to comment on this article

You need to Login or Register to comment.

    You may also like...

 Sponsored Links

advertisement

    You may also like...

    Latest Security Analysis & Insight

passwords

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

Read more

 

More Security Analysis & Insight

    Latest Security Reviews

Check Point 2210 Appliance

Check Point 2210 Appliance review

Rating: 4

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

Read more

 

More Security Reviews

advertisement

    Most popular

    Latest News Videos in Security

Data protection

IT PRO Podcast: Are UK data protection laws flawed?

Play IT PRO Podcast: Are UK data protection laws flawed?   Play

We bring in two experts to talk about the problems with UK data protection law and the way it is managed.

 

    Register for IT PRO

You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Sponsored Links
Advertisement