We believe that Secure DevOps encompasses both a set of practices and a mindset shift to help customer adopt security principles and practices aligned with the culture shift and integrated with the practices, of DevOps. Secure DevOps practices include and build on those practices that are part of the Microsoft Security Development Lifecycle.
Beyond Lean, another important contributor to DevOps is the safety science movement. In this blog, Ron discusses this subject and show how important this is and how it changes the ways we think of the systems we build.
It is extremely difficult to find individuals with Security+ accreditation. Achieving this accreditation not only helps you but also helps defense contracting companies and the DoD community to fill in those national security related positions with those specialized needs.
When it comes to data, there is never a thing as too much security. With identify theft and breaches becoming a daily occurrence, ensuring sensitive information is protected is essential to business. Microsoft Azure has been designed from the ground-up to be one of the most secure places to store your information. Let me prove it!
Accessing Groups claims in Azure AD B2C requires adding some custom code through custom (IEF) policies. This post shows how to configure AD B2C IEF policies to access Groups in JWT Tokens.
MSRD is a self-service, AI-powered Dynamic Application Security Testing service that optimizes your web development cycle to identify and remediate bugs and security risks as they’re introduced into the codebase – not after they are already in production.
Azure Trust Center should be your first destination for our compliance offerings. Did you know independent audit reports along with Azure compliance offerings can be found there? This documentation is a free, but protected resource for those that utilize Microsoft cloud services (Azure, Office 365, Dynamics 365, etc.). Compliance documentation for HITrust, HIPPA/HITECH, FedRAMP, CSA CCM and many others are stored here.
Senior Consultant Omar Amin recently posted this article on securing a physical data center. In this post, he highlights roles and responsibility on security across various hosting options.
I don’t spend a lot of time talking to customers about physical data center security.
This post is provided by App Dev Managers Latha Natarajan and Sujith Nair who explore the critical aspect of protecting personal information and the impact of data security failures. This post also discusses the rich set Azure services that Microsoft customers and organizations can use to protect personal data in compliance with GDPR and other regulations for various parts of the world.
Laurie Atkinson, Premier Developer Consultant, shows us how to customize the behavior of an Angular app based on the user’s permissions. This includes page navigation, hiding and disabling of UI elements, and generation of menus.
Applications often include requirements to customize their appearance and behavior based on the user’s role or permission.