Security

Workshop Spotlight: Secure DevOps – Application Security Principles and Practices

July 31, 2021 Jul 31, 2021 07/31/21

Developer Support

Secure software requires design well beyond parameter and infrastructure security. It starts with getting developers on board with important concepts and considerations as the code is being written—long before it’s released.

Microsoft Identity Platform which OAuth flow should I use?

October 12, 2020 Oct 12, 2020 10/12/20

Developer Support

Microsoft Identity Platform: which OAuth2 flow should I use? My non-prescriptive one-page guide in choosing the right auth flow for every situation.

Taste of Premier: Azure Security Center

August 11, 2020 Aug 11, 2020 08/11/20

Developer Support

Security is foundational for Azure. Take advantage of multi-layered security provided across physical data centers, infrastructure, and operations.

Using OAuth2 OBO with Azure AD B2C

July 23, 2020 Jul 23, 2020 07/23/20

Developer Support

This sample uses a custom web service (B2BOBOWeb) to provide a token endpoint, which handles the Extension Grant requests and communicates with B2C to respond with a valid response (access token). It uses a specific B2C tenant configured with custom journeys to handle this communication.

Securing Blazor WebAssembly Application With Azure Active Directory

July 21, 2020 Jul 21, 2020 07/21/20

Developer Support

In this post, Consultants Wael Kdouh and Marius Rochon shows how to secure Blazor WebAssembly Applications with Azure Active Directory.

Integrate Azure API Management with Okta

April 8, 2020 Apr 8, 2020 04/8/20

Developer Support

In this post, App Dev Manager Chris Hanna explains how to integrate Okta with Azure API Management for authentication.

Microsoft Security Code Analysis – a tool that seamlessly empowers customers to enable security controls in your CI/CD pipeline

December 2, 2019 Dec 2, 2019 12/2/19

Developer Support

We believe that Secure DevOps encompasses both a set of practices and a mindset shift to help customer adopt security principles and practices aligned with the culture shift and integrated with the practices, of DevOps. Secure DevOps practices include and build on those practices that are part of the Microsoft Security Development Lifecycle.

Workshop Spotlight: Modern Authentication and Authorization

September 20, 2019 Sep 20, 2019 09/20/19

Developer Support

Building applications operating in the internet environment requires understanding of options available for performing authentication and authorization. These options include, both a variety of protocols such as OAuth2 and WS-Federation, as well as tools and toolkits such as Azure AD, AD FS and ADAL.

DevOps and Safety

August 6, 2019 Aug 6, 2019 08/6/19

Developer Support

Beyond Lean, another important contributor to DevOps is the safety science movement. In this blog, Ron discusses this subject and show how important this is and how it changes the ways we think of the systems we build.

Choosing the OAuth2 grant flow

June 17, 2019 Jun 17, 2019 06/17/19

Developer Support

Premier Dev Consultant Marius Rochon explores OAuth2 questions you need to ask and how the answers lead to the selection of the grant. The OAuth2 specifications define six different grant types (https://tools.ietf.org/html/rfc6749 and https://tools.ietf.org/html/draft-ietf-oauth-device-flow-15). Each provides the most optimal (from the ...

Developer Support

Security - Developer Support