Here is a good whitepaper published by Microsoft about the techniques to tackle vulnerabilities in your application.
http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26788
Some highlights:
http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26788
Some highlights:
- Economics of exploitation – attacker’s return on investment
- Tactics behind exploit mitigation technologies like enforcing variants, creating artificial diversity, leveraging knowledge deficits
- exploit mitigation technologies like
- Stack buffer overrun detection
- Data execution prevention (DEP)
- Address Space Layout Randomization (ASLR)
- SAFESEH and Structured Exception Handler Overwrite Protection (SEHOP)
- Heap metadata protection
- Enhanced Mitigation Experience Toolkit (EMET)
- For each technology it also mentions following:
- Overview
- How to use
- Proof point
- Performance consideration
- Compatibility considerations
- Availability on various OS/platforms including browser versions