More secure development with Attack Surface Analyzer

Earlier this week, Microsoft announced a new code/application analysis utility called Attack Surface Analyzer. This new tool is part of the Security Development Lifecycle (SDL) program that Microsoft has been running internally, but also opening up publicly. Here is the quick rundown from the announcement blog:

"The Attack Surface Analyzer beta is a Microsoft verification tool now available for ISVs and IT professionals to highlight the changes in system state, runtime parameters and securable objects on the Windows operating system. This analysis helps developers, testers and IT professionals identify increases in the attack surface caused by installing applications on a machine."

If you are interested in the beta release, download it here. The are versions for both 32 and 64-bit systems.