Developer Support

Advocacy and Innovation

Security - Developer Support

Azure Storage Encryption and Azure Disk Encryption – Demystified?

April 30, 2018 Apr 30, 2018 04/30/18
Developer Support
In this post, Sr. App Dev Manager Mark Pazicni lays out the capabilities of Azure Storage Service Encryption (SSE) and Azure Disk Encryption (ADE) to help clarify their applications. With Azure Storage Service Encryption (SSE), your data is just encrypted. New and existing Azure Storage Account are now 256-bit AES encrypted to storage data...

Physical Data Center Security

April 8, 2018 Apr 8, 2018 04/8/18
Developer Support
Senior Consultant Omar Amin recently posted this article on securing a physical data center.  In this post, he highlights roles and responsibility on security across various hosting options.I don't spend a lot of time talking to customers about physical data center security.As a developer using mostly PaaS or IaaS compute platforms, I ...

Accelerate Your GDPR compliance with Microsoft Cloud

March 22, 2018 Mar 22, 2018 03/22/18
Developer Support
This post is provided by App Dev Managers Latha Natarajan and Sujith Nair who explore the critical aspect of protecting personal information and the impact of data security failures. This post also discusses the rich set Azure services that Microsoft customers and organizations can use to protect personal data in compliance with GDPR and other...

Role Based Access Control in ASP.NET MVC

September 5, 2017 Sep 5, 2017 09/5/17
Monu Bambroo
In this post, Premier Developer consultant Lizet Pena De Sola explains Role Based Access Control in ASP.NET MVC. Role Based Access Control in MVC is pretty straight forward. There is also a way to do claims access control, but the most common way is based on roles. To show or hide action links in a view depending on the user role we can ...

Claims augmentation with OWIN but outside of Startup code

August 16, 2017 Aug 16, 2017 08/16/17
Pam Lahoud
This post on authentication and authorization is from Premier Developer consultant Marius Rochon.Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).  However, ...

Should you obfuscate your Xamarin app?

May 30, 2017 May 30, 2017 05/30/17
Pam Lahoud
This blog on securing your source code is from Premier Developer consultant Bill Reiss. I saw a question recently about how to protect code in a Xamarin app package. I feel the first question is whether you need to, and not how to do it. The reality is that you can never completely protect your app code, and if someone wants your code bad ...

Hardening your web server’s SSL /TLS ciphers

May 25, 2017 May 25, 2017 05/25/17
Developer Support
In this post, Senior Application Development Manager, Anand Shukla shares some tips to harden your web server’s SSL/TLS ciphers. I recently worked with a customer who had security requirements to disable the weak RC 4 ciphers from their Windows 2008 and Windows 2003 servers.  The process is little different for Windows 2008 R2 ...

Microsoft Security Risk Detection

May 18, 2017 May 18, 2017 05/18/17
Developer Support
In this post, Application Development Managers, Mike Batongbacal and Syed Medhi, introduce the Microsoft Security Risk Detection service formerly known as Project Springfield. Software Security is a Business Imperative In today’s world, the threat of security breaches in computer networks and business software is an all too real ...

Protecting Secrets using VSTS and Azure Key Vault

March 28, 2017 Mar 28, 2017 03/28/17
Pam Lahoud
In his latest blog post, Premier Developer consultant Najib Zarrari discusses one approach to protecting sensitive information in your application by using VSTS and Azure Key Vault. If you are building a modern application and are following modern design principles, there is a good chance your application is composed of a number of layers ...

Discovering AuthorizeAttribute role names

March 1, 2017 Mar 1, 2017 03/1/17
Monu Bambroo
In this post, Senior Consultant, Marius Rochon showcases how to discover 'AuthorizeAttribute' role names. The AuthorizeAttribute is used in ASP.NET code to decorate controller classes and methods which require authorization, e.g. [Authorize(Roles =“admin”)] public class HomeController : Controller { Meaning that to call any ...
Comments are closed.0 0