Application Registration oAuth token 2.0

The difference between a v1 and v2 token is that there are several claims not present in v1 that are present in v2. It is important when creating an Application Principal (Application Registration or App Reg) that you configure the right settings. Below, we will explain what to look out for. What is the difference … Lees verder

Azure Security: A comprehensive overview

As organizations continue to embrace cloud computing, securing digital assets in the cloud has become a top priority. Microsoft Azure, one of the leading cloud service providers, offers a suite of comprehensive security services designed to protect workloads, data, and identities. There is an evolution taken place of cloud security from its nascent stages to … Lees verder

Data Sensitivity and ChatGPT a good combo?

In the modern business landscape, leveraging new technologies like ChatGPT can enhance productivity and decision-making processes. However, with the integration of such AI-driven tools, it is crucial to understand and manage data and more specific the sensitivity of data to safeguard your organization’s critical information. This blog explores what Open AI (ChatGPT) is, how to … Lees verder

Developing robust and high secure software solutions

Developing secure applications that enable companies to store, manage and share confidential records securely and efficiently. It’s starting from the fundamentals of the design that is made before the first line of code is written. The system must be compliant with relevant regulations such as HIPAA, GDPR, or other specific guidelines (usually based on the … Lees verder

Azure Kubernetes security common misconceptions

Azure Kubernetes Service (AKS) has emerged as a leading platform for container orchestration, offering scalability (with Keda), flexibility, and an easy management panel. However, like any technology, misconceptions about security can lead to suboptimal practices and positionally compromise the integrity of your applications.  In this blog post, we’ll discuss some common misconceptions about Azure Kubernetes … Lees verder

Security and Azure DevOps – part 2

In this new post about security in DevOps or Azure DevOps we will take some key elements that can be important in the SDLC of your organization. A better title could: Enhancing Application Security: A Guide to OWASP ASVS in Development Lifecycles Introduction In an era where digital transformation is rapidly reshaping industries, the importance … Lees verder

Security and Azure Devops – part 1

How to configure a project and repository to support secure pipelines? It can be done in Azure DevOps in an easy way, so read along and configure with me some security best practices for your DevOps environment. Prerequisites You must create an Azure DevOps Organization and one project for some exercises, for more info see: … Lees verder

Azure Diagnostic settings multi region support

Everyone has heard of “Mission Critical” in Azure, Which describes that an application needs to be deployed in one or more regions within Azure to have 100% redundancy. For example, an application is deployed in West and North Europe. It brings us to the next problem, what if diagnostic settings have another Log Analytics Workspace … Lees verder

Failed to start the Application Gateway

When setting up an Application Gateway (AGW), the public and private IP addresses of the Application Gateway are required in order to complete the configuration. The Application Gateway needs 24 hours before new DNS and network settings are taken into account. Or you can trigger this part of the process by manually stopping and starting … Lees verder