Security Tools Due for Microsofts Whidbey Visual Studio

By Darryl K. Taft  |  Posted 2004-02-24 Print this article Print

At the RSA Conference on Tuesday, Bill Gates announced a set of new security tools that will be rolled into the upcoming release of Microsoft Visual Studio, code-named Whidbey.

Microsoft Corp. on Tuesday announced new tools to help developers build more secure applications at the RSA 2004 Conference in San Francisco. As part of his keynote at the conference, Microsoft chairman and chief security architect Bill Gates laid out the Microsoft security vision, including technologies that will be rolled into Windows over the coming months and even years. The new capabilities include dynamic system protection and a caller ID system for e-mail. Read more here about Microsofts security announcements at RSA.
Part of that vision includes tools to help developers build secure code. And to that extent Microsoft will be including new tools out of Microsoft Research in the upcoming release of Microsoft Visual Studio, code-named Whidbey, Gates said.
Among the tools going into Whidbey will be Prefast, Prefix and FxCop, which will provide static security-defect-detection, prevention, and mitigation capabilities for unmanaged and managed code, Microsoft officials said. Prefix is a defect-detection tool that will perform static analysis on code to find errors like memory leaks and other problems. Prefast will be a lighter-weight program analysis tool for detecting defects via static analysis. Prefast gives an XML description of each defect, with information about the effect if the defect, hypothesis of the cause, severity, examples and documentation. Meanwhile, FxCop is a code analysis tool that checks .Net-managed code assemblies for conformance to the Microsoft .Net Framework design guidelines, the company said. Also at the conference, Gates highlighted the availability of the Security Scenarios Working Group draft for public review. To read more about Microsofts proposals for Web services security, click here. The Security Scenarios document, developed by the Web Services Interoperability Organization (WS-I) Security Profile Working Group, identifies security challenges and threats in building interoperable Web services and proposes countermeasures for these risks, Microsoft and WS-I officials said. Paul Cotton, Microsofts program manager of XML standards, chairs the WS-I Security Profile Working Group. Want the story latest news, reviews and analysis in programming environments and developer tools? Check out eWEEKs Developer Center at
Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel