Showing results for Security - Developer Support

Aug 16, 2017
0
0

Claims augmentation with OWIN but outside of Startup code

Pam Lahoud
Pam Lahoud

This post on authentication and authorization is from Premier Developer consultant Marius Rochon.Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).  However, ...

SecurityAuthenticationMarius Rochon
May 30, 2017
0
0

Should you obfuscate your Xamarin app?

Pam Lahoud
Pam Lahoud

This blog on securing your source code is from Premier Developer consultant Bill Reiss. I saw a question recently about how to protect code in a Xamarin app package. I feel the first question is whether you need to, and not how to do it. The reality is that you can never completely protect your app code, and if someone wants your code bad enough ...

SecurityxamarinBill Reiss
May 25, 2017
1
0

Hardening your web server’s SSL /TLS ciphers

Developer Support
Developer Support

In this post, Senior Application Development Manager, Anand Shukla shares some tips to harden your web server’s SSL/TLS ciphers. I recently worked with a customer who had security requirements to disable the weak RC 4 ciphers from their Windows 2008 and Windows 2003 servers.  The process is little different for Windows 2008 R2 servers and...

TeamSecurity
May 18, 2017
0
0

Microsoft Security Risk Detection

Developer Support
Developer Support

In this post, Application Development Managers, Mike Batongbacal and Syed Medhi, introduce the Microsoft Security Risk Detection service formerly known as Project Springfield. Software Security is a Business Imperative In today’s world, the threat of security breaches in computer networks and business software is an all too real possibility. ...

TeamSecurityFuzzing
Mar 28, 2017
0
0

Protecting Secrets using VSTS and Azure Key Vault

Pam Lahoud
Pam Lahoud

In his latest blog post, Premier Developer consultant Najib Zarrari discusses one approach to protecting sensitive information in your application by using VSTS and Azure Key Vault. If you are building a modern application and are following modern design principles, there is a good chance your application is composed of a number of layers and ...

VSTSSecurityAzure Key Vault
Jan 19, 2017
0
0

ASP.Net Session Swapping – Why it happens and what can be done about it?

Developer Support
Developer Support

In this post, Senior Application Development Manager, Sanket Bakshi explains details behind the sometimes perplexing issue of Session Swapping and how to avoid it. Kernel Cache is a powerful and well-known feature introduced in IIS 7 and found in all later versions.  It’s the highly performant server level cache that very efficiently delivers...

TeamSecurityasp.net
Apr 8, 2016
0
0

Passive is good!

Pam Lahoud
Pam Lahoud

Here’s a quick read from Premier Developer consultant Marius Rochon’s blog.  In it, Marius gives some great reasons to leverage passive authentication protocols in your applications rather than writing your own code to handle credentials. Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification ...

SecurityAuthenticationMarius Rochon
Jun 4, 2015
0
0

Microsoft Cloud: Migrating Workloads and Security Planning

Developer Support
Developer Support

In this blog post, Application Development Manager, Lalit Patel, shares examples of customers working with Premier to overcome migration concerns and build confidence while moving workloads to the cloud. Cloud Adoption is underway as more organizations look for opportunities to optimize spending and reduce the operational cost associated ...

AzureSecurityAdvisory
Mar 16, 2015
0
0

Part 2: Security and the Internet of Things

Developer Support
Developer Support

Mark Taylor, Premier Services Senior Consultant and David S. Lipien, Director in Microsoft’s Premier Services present a 3 part installment on the internet of things (IoT). Part 1 of the IoT series was a primer on the subject matter, looking at it from a business value perspective and looking at some the important questions that should be ...

AzureSecurityAdvisory
Jan 20, 2015
0
0

Should an application handle user credentials?

Pam Lahoud
Pam Lahoud

With development of standard authentication protocols like WS-federation, SAML and OAuth, there should be very few situations where a web application has to implement its own storage and logic for handling user credentials. This blog from Premier Developer consultant Marius Rochon enumerates the benefits of using out-of-the-box authentication ...

TeamSecurityAdvisory

Feedback