Escaping single quote characters is sometimes used as mitigation for SQL injection vulnerabilities. On the other hand, when data assigned to a SQL Server character variable exceeds the defined length for that variable, the extra characters get truncated. This video demonstrates how this property of truncation may be used by an attacker to circumvent the above mentioned mitigation, resulting in a SQL injection attack. Various options of fixing SQL injection issues are also discussed.

SQL Server 2008 introduced a new feature known as Policy Based Management (PBM). This feature allows us to create policies for our SQL server instance. Few important features of Policy Based Management are:
- It is similar to group policy feature provided by Windows
- We can create SQL Server Policies and deploy these policies across multiple servers
- Policies can be scheduled or we can run them on demand
- Policy can also rollback the transaction (policy violating transactions) with raising an error
In this video I’ll showcase how we can leverage Policy Based Management to secure our SQL server environment. I’ll introduce you with these basics of PBM and we will see how we can build policies related to SQL server security and assess those policies on our SQL Server instance.

You can use the Bing Search Service to search the Internet inside a Windows Mobile Application. Besides searching for Web pages, you can amongst others also search for Mobile Web pages, multimedia content and phone book entries. In this video, Maarten Struys shows you how to use the Bing Web Service inside your own application and how you can make use of the returned results to for instance make a phone call to a particular company.

Windows Mobile Devices are available in localized versions. The .NET Compact Framework gives you good support to create localized applications, in other words, applications that use the same language as the localized Windows Mobile Device is working in. In this video, Maarten Struys shows you how to create a localized application with a default English User Interface as well as a localized Dutch User Interface.

To improve application usability, many applications need to support viewing data page-by-page. In this screencast, you'll learn how Windows Azure table storage provides a built-in mechanism that allows you to efficiently page through query results.

Windows Azure table storage is designed to support many users at the same time. In this session, you'll learn how Windows Azure table storage supports concurrency, and you'll learn a few strategies to help you deal with any concurrency violations.

This video will show you how to modify the default work items that are included in the SDL Process Template. We will cover how to modify the default work items that are created in your new SDL Process Template team project. We will also review how to modify the default work item types - such as Task or Bug. The Microsoft SDL Process Template for Visual Studio Team System was created to ease adoption of the SDL by automatically integrating the policy, process and tools of the Security Development Lifecycle v4.1 into Visual Studio Team System 2008.

This video will show you how to use the SDL Process Template document templates and security metrics reporting. The built in SDL document templates will help you jump start your use of the Microsoft SDL. The reporting will allow you to improve your visibility into the key security risks for your application and the progress your team is making toward their security goals. The Microsoft SDL Process Template for Visual Studio Team System was created to ease adoption of the SDL by automatically integrating the policy, process and tools of the Security Development Lifecycle v4.1 into Visual Studio Team System 2008.

In this video we will first show you how to install the SDL Process Template. Then we will walk you through how to begin using it in your new project. The Microsoft SDL Process Template for Visual Studio Team System was created to ease adoption of the SDL by automatically integrating the policy, process and tools of the Security Development Lifecycle v4.1 into Visual Studio Team System 2008.

In this video we will introduce you to the SDL Process Template check-in policies and then show you how to enable the check-in policies for yourself and your team. Finally, we will demonstrate the check-in policies in action as well as how you can be alerted when someone overrides a check-in policy.