Microsoft Introduces Quick Security References

Posted by on January 19, 2010

Yesterday, Microsoft released two new Quick Security References (QSR’s) to help application development teams understand Security issues.  These new guides are the first part of a continuing series to help multiple roles within the team understand common vulnerabilities.  Not only do they provide great detail on the security issues, but they also help teams move toward SDL adoption. 

The first two QSR’s focus on Cross Site Scripting and SQL Injection.  I think it is good that they started with these two vulnerabilities because they are the two most common types of attacks.  These two vulnerabilities take turns in the first and second position on the OWASP Top 10.  I encourage anyone and everyone involved with applications, from the business personnel to the technical teams, to read over these guides.   They are about 20 pages in length, but provide a really good description of the attacks.

The QSR’s can be downloaded from Microsoft here:


Comments are closed.