Beyond Lean, another important contributor to DevOps is the safety science movement. In this blog, Ron discusses this subject and show how important this is and how it changes the ways we think of the systems we build.
Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant.
The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the security point of view) way of obtaining access or (for OIDC) id_tokens given the circumstances of the client application.
It is extremely difficult to find individuals with Security+ accreditation. Achieving this accreditation not only helps you but also helps defense contracting companies and the DoD community to fill in those national security related positions with those specialized needs.
When it comes to data, there is never a thing as too much security. With identify theft and breaches becoming a daily occurrence, ensuring sensitive information is protected is essential to business. Microsoft Azure has been designed from the ground-up to be one of the most secure places to store your information. Let me prove it!
Accessing Groups claims in Azure AD B2C requires adding some custom code through custom (IEF) policies. This post shows how to configure AD B2C IEF policies to access Groups in JWT Tokens.
Learn how DoD leverages Azure DevOps to promote code from higher information level (IL) environment from a lower IL environment using Microsoft-Hosted and Self-Hosted Agents.
Secure your applications with Microsoft Identity Platform couldn't be any easier. In this blog, we’ll walk through very quick steps to help you start experimenting with authentication capabilities using Azure AD identities.
MSRD is a self-service, AI-powered Dynamic Application Security Testing service that optimizes your web development cycle to identify and remediate bugs and security risks as they’re introduced into the codebase – not after they are already in production.
Azure Trust Center should be your first destination for our compliance offerings. Did you know independent audit reports along with Azure compliance offerings can be found there? This documentation is a free, but protected resource for those that utilize Microsoft cloud services (Azure, Office 365, Dynamics 365, etc.). Compliance documentation for HITrust, HIPPA/HITECH, FedRAMP, CSA CCM and many others are stored here.
I was recently working on a PWA application that utilizes SSO and one odd behavior that I noticed right off the bat was the fact that the SSO redirects forces the application to open a new window inside the browser instead of carrying the redirect inside the application shell. This is problematic as it defies the whole purpose of a PWA which attempts to make a web application feel native.