implementing a security development lifecycle
Microsoft Threat Modeling Tool to create a threat model that can help highlight STRIDE threats in an application. You also will run the Attack Surface Analyzer to take a snapshot of the processes and services running on the server. You will first collect a baseline snapshot and run it again later for comparison. You will use the SDL Regex Fuzzer to test Regular Expressions for the ReDOS vulnerability. Finally, you will use the BinScope Binary Analyzer to discover possible security issues inside of dynamic link libraries (DLL).