Rotavirus images is Creative Commons Share Alike 3.0: http://en.wikipedia.org/wiki/File:Rotavirus_with_antibody.jpg
-Security features versus secure features – SharePoint is very buzzword compliance with its provision of “security features” but it is crucial to determine if installations have properly used those security features and also crucial to know if new features that have been developed (WebParts, etc) have been done securely.
-Multiple tool scans from different vantage points -Using tools like Nessus and the Microsoft Baseline Security Analyzer (MBSA) -Internet scan would only be done if the MOSS server was Internet accessible (naturally)
ForeFront also has configurable text filtering rules for file content. This may help with some compliance issues that we address elsewhere (SSN, CC# detection)
-SharePoint uses an XML-based API to push/pull data from many of its constructs
Securing SharePoint TASSCC TEC 2009 Web 2.0 Conference Dan Cornell Email: [email_address] Twitter: @danielcornell March 26 th , 2009