Microsoft have just released a couple of new security tools that might be useful, especially if you’re still running some legacy ASP applications.

  • Microsoft Source Code Analyzer for SQL Injection - a static code analysis tool for finding SQL Injection vulnerabilities in ASP code
  • Microsoft Urlscan Filter v3.0 Beta - a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from being processed by web applications on the server.

UrlScan has been around for quite a while, so I’ll be interested to see what new features are part of v3.