In July, we kicked off a blog series focused on “Microsoft’s Free Security Tools.”\u00a0 The series highlights free security tools that Microsoft provides to help\u00a0make IT professionals’ and developers’ lives easier.\u00a0 A good tool can save a lot of work and time for those people responsible for developing and managing software.\u00a0In the series we discuss many of the benefits each tool can provide and\u00a0include step by step guidance on how to use each.\u00a0 Below is a summary of the tools covered in the series and a brief overview of each.<\/p>\n
\n\n
\n
Anti-Cross Site Scripting Library<\/strong><\/span><\/p>\n
The Microsoft Anti-Cross Site Scripting Library V4.2.1 (AntiXSS V4.2.1) is an encoding library designed to help developers protect their ASP.NET web-based applications from XSS attacks. It differs from most encoding libraries in that it uses the white-listing technique — sometimes referred to as the principle of inclusions — to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of characters, and encodes anything outside this set (invalid characters or potential attacks). The white-listing approach provides several advantages over other encoding schemes.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Attack Surface Analyzer<\/strong><\/span><\/p>\n
Attack Surface Analyzer can help software developers and Independent Software Vendors (ISVs) understand the changes in Windows systems\u2019 attack surface resulting from the installation of the applications they develop.\u00a0 It can also help IT professionals, who are responsible for managing the deployment of applications or the security of desktops and servers, understand how the attack surface of Windows systems change as a result of installing software on the systems they manage.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
banned.h<\/strong><\/span><\/p>\n
The banned.h header file is a sanitizing resource that is designed to help developers avoid using and help identify and remove banned functions from code that may lead to vulnerabilities. Banned functions are those calls in code that have been deemed dangerous by making it relatively easy to introduce vulnerabilities into code during development.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
BinScope Binary Analyzer<\/strong><\/span><\/p>\n
The BinScope Binary Analyzer tool\u00a0can be helpful for both developers and IT professionals that are auditing the security of applications that they are developing or deploying \/ managing.\u00a0Auditing the software deployed in an environment and determining if it is making use of security mitigations can help risk managers make more meaningful assessments.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
EMET it is a free\u00a0toolkit\u00a0that helps prevent vulnerabilities in software from being successfully exploited for code execution. It does so by allowing developers to enable some of the latest mitigation technologies already built into Windows.\u00a0\u00a0The result is that a wide variety of software is made significantly more resistant to exploitation \u2013 even against zero day vulnerabilities and vulnerabilities for which an update has not yet been applied.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Microsoft Baseline Security Analyzer<\/strong><\/span><\/p>\n
Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for IT professionals and helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. It is a standalone security and vulnerability scanner designed to provide a streamlined method for identifying common security misconfigurations and missing security updates.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Microsoft Safety Scanner<\/strong><\/span><\/p>\n
The Microsoft Safety Scanner is a free stand-alone virus scanner that is used to remove malware or potentially unwanted software from a system. The tool is easy to use and packaged with the latest signatures, updated multiple times daily.\u00a0 The application is not designed to replace your existing antimalware software, but rather act as an on demand virus removal tool in situations where you suspect your real time antimalware software might not be working correctly.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Microsoft Security Compliance Manager<\/strong><\/span><\/p>\n
Microsoft\u2019s Security Compliance Manager (SCM) enables organizations to centrally plan, view, update, and export thousands of Group Policy settings for Microsoft client and server operating systems and applications.\u00a0\u00a0 It makes it easier for organizations to plan, implement, and monitor security compliance baselines in their Active Directory infrastructure.\u00a0 With SCM, IT Professionals can obtain baseline policies based on security best practices, customize them to the particular needs of their organization and export them to a number of formats for use in different scenarios.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Portqry<\/strong><\/span><\/p>\n
Portqry is a TCP\/IP connectivity test tool, port scanner, and local port monitor.\u00a0 Portqry is designed to help IT Professionals troubleshoot networking issues as well as verify network security related configurations.\u00a0 Portqry is a great lightweight port scanner regardless of what version of Windows you are running.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
URLScan is a security tool that restricts the types of HTTP requests that IIS will process. URLScan scans incoming URL requests and associated data. It uses a series of rules to determine whether the information in each request is potentially dangerous, or contains information not normally expected.\u00a0 To help you diagnose any potential problems and any attempts to upset your server, URLScan can also log requests\u2014including the offending request data. By blocking specific HTTP requests, the URLScan security tool helps to prevent potentially harmful requests from reaching applications on the server.analyze threat models by communicating about the security design of their systems, Analyzing those design for potential security issues using a proven methodology and suggesting and managing mitigations for security issues.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n
\n
Windows Defender Offline<\/strong><\/span><\/p>\n
Windows Defender Offline is a standalone software application that is designed to help detect malicious and other potentially unwanted software, including rootkits that try to install themselves on a PC.\u00a0 Windows Defender Offline works by scanning an operating system to check the authenticity of any communication the operating system has with the Internet. If there is an application deemed unsafe, it will alert the user and block the contents of the application until the user either accepts or denies the risk.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
Please check back regularly as we continue our series focused on Microsoft’s Free Security Tools.<\/p>\n
Tim Rains \nDirector \nTrustworthy Computing<\/p>\n