.NET Data Protection and Authentication Cookies
Explains the role of the Data Protection API (DPAPI) in ASP.NET Core, securing authentication cookies, and responding to authentication server compromise.
Explanation of Workload Identity, Managed Identity, and User-Assigned Identity in Azure Kubernetes Service (AKS)
Built-in XSS prevention, sanitization, CSRF protection, and Content Security Policy
Implementing robust authentication mechanisms in ASP.NET Core Web APIs.
Mechanism and implementation of policy-based authorization using Open Policy Agent
A detailed guide to Azure Front Door Standard vs Premium, WAF capabilities, comparison with Application Gateway, and best practices.
Explains key network connectivity options such as VNet Peering, VPN, Private Endpoint, and VNet Integration.
Explains the basics of VPN protocols like IPSec and OpenVPN, as well as Azure VPN Gateway specifications, SKUs, and configuration modes.
Mechanism and implementation of authentication using Bearer tokens
The security motivation, structure, and threat model (token theft vs. session riding) of the Backend for Frontend (BFF) pattern, which eliminates token exposure in SPAs
Three UI asset hosting options and their implementation methods in the Backend For Frontend (BFF) pattern
A practical guide to CVE scanning, SBOM generation, base image recommendations, and GitHub Actions integration using Docker Scout — Docker's official security tool.
CSRF defenses (SameSite, antiforgery tokens) for cookie-based authentication, and Content Security Policy (CSP) as defense-in-depth against XSS
Best practices for Static Code Analysis (SAST/IaC Scanning) using modern tools like Checkov and integrating them into CI/CD pipelines.
Overview of Docker Hardened Images (DHI) and multi-stage build patterns for .NET projects
Overview, security features, and AI Governance for Docker Sandbox (SBX) — Docker's isolated execution environment for AI agents
A comprehensive guide to SPF, DKIM, and DMARC mechanisms and configuration to prevent email spoofing, with practical SendGrid domain authentication setup
Overview of Azure Entitlement Management in Microsoft Entra ID Governance. Learn how to manage identity and access lifecycles using access packages, catalogs, policies, and approval workflows.
Mechanism and implementation of session-based authentication using HTTP-only Cookies
Overview and key features of Ivanti, providing endpoint management and security solutions
Overview and key features of Microsoft Intune, a cloud-based endpoint management platform
Explains NuGet package management, nuget.config settings, and security measures in .NET development.
Overview of the OWASP Application Security Verification Standard (ASVS), its verification levels, requirements, and practical usage.
Top 10 most critical security risks in web applications
Impacts of PKI (Public Key Infrastructure) mechanisms and root certificate rotation on systems.
Protecting APIs from abuse using Rate Limiting in ASP.NET Core.
Understanding SBOM (Software Bill of Materials) and its relationship with security, and practical approaches to SCA, container scanning, and vulnerability assessment using .NET, Docker, Node.js, and Python examples.
Learn how to securely manage secrets in Azure Kubernetes Service (AKS) using Azure Key Vault, leverage the Secrets Store CSI Driver, and follow best practices.
Explains best practices for securing developer and DevOps platform environments to implement Zero Trust principles (verify explicitly, use least privilege access, assume breach).
Sender-constrained tokens (DPoP, mTLS) that mitigate Bearer-token replay, refresh-token rotation, and protection for public clients such as mobile apps
Designing the server-side token store for a BFF: In-Memory vs. Redis, TTL design, distributed refresh lock, and fail-closed key resolution
Explanation of Service Principal concepts in Azure, differences from Managed Identity, and Federated Identity Credential (OIDC) used in GitHub Actions
Explains the "Shift Left" philosophy of implementing security measures early in the development cycle, along with practical implementation methods in .NET, Azure, Terraform, GitHub, and Angular.
SonarQube for code quality and security analysis
Comprehensive guide to TLS/SSL mechanisms, digital certificates, encryption technologies, and the handshake process
Overview and key features of the cloud-based security platform Zscaler