Within the enterprise arena it is common to have a Identity provider for the organization. In this post I have a brief look at the industry standard protocols.
Custom error pages are used to hide technical information from end users. Often default error pages can leak technical information to potential attackers. In this post Ill show how to implement custom error pages for IIS and Asp.net to assist with hardening the security of a system.
TLS 1.3 is out and its time to take note and plan the retirement of TLS 1.2.
HTTP headers leak technical information to potential attackers about a system. To harden the security of an application you need to disclose as little information about a system as possible.
GDPR or General Data Protection Regulation is a European law relating to the security and data privacy of an individuals information relating to his identity. The law will come in effect on 25 May 2018.
Really worth watching this!
Invalid Base64 characters? Invalid XML? Anyone that has had to work with these FedAuth tokens would have experienced errors with the format of the FedAuth tokens.
Complex password validation Our team had to build a regular expression for a client to password validation and it had the following requirements. Below is the expression for anyone that needs anything like this. Hopefully I safe someone some time.
When starting a new project, it is best to do the following security related items as soon as possible, otherwise it will be terribly difficult to add at a later stage.