I have to say this loud and clear: I love Troy Hunt blog!

You can find there some really funny yet scary stories about our times. In all the fantastic material you can find there, I have found particularly hilarious and troublesome a couple of articles about current practices around credential management. The first one is quite old, but its value has not diminished over the years : it is about password filtering and it introduces some nice examples about what you should not do.

The second article has just been published, and show some very bad practices about credential management.
I owe you a beer, Troy! 🙂

The Security Tools Product Group has just released a preview of the next version of the Threat Modeling Tool. It contains a load of usability improvements and a new template for Azure, developed by the Application Security Community within Microsoft Services, and in particular by the fine colleagues from the Global Delivery Team in Hyderabad.

You can find the announcement here.

Congratulations to the Security Tools Product Group, to the WW SDL Community and to the colleagues in the IGD Team!