Viimeisimmät artikkelit
app service AZSK Azure express-validator expressJS HelmetJS NodeJS Web Application Firewall web apps
Defence in depth: Securing Azure App Service with Azure Front Door WAF, NodeJS runtime Security enhancements tested with OWASP ZAP
I’ve been recently playing around with Azure Front Door, and it’s WAF Policies. Here are some notes I decided toLue lisää
Developer experience on steroids with Azure AD App Proxy and Azure Functions Host
I’ve been using Azure AD App Proxy a lot in my time and I continue finding it useful in newLue lisää
TOP3 Picks from Azure Security Center Standard
I was recently discussing with a another Azure Aficionado about value proposition of Security Center Standard in comparison to stayingLue lisää
Azure AD B2X is here ! (yes B2X, not B2C or B2B) – Debugging and insights
Now that we are past the click-bait title (B2X), lets dig into Azure AD External Identities which was unveiled atLue lisää
AAD App Registrations custom claims grant-type:jwt-bearer Group Claims NodeJS OAuth2 SAML saml1_1-bearer
Deep Diver – Azure AD Groups/Roles claims for developers and IT pro’s with code examples
Background Many enterprise applications rely on group /role information to be passed on assertions for authorization, and further role decisions.Lue lisää
AAD Azure AD Device Login AzureAD Conditional Access Exchange HMA Hybrid Hybrid Modern Authentication MFA OAuth2 Office 365 Password Sync Productivity SAML
Lab: Zero Trust Exchange 2016 with AAD oAuth2 and SAML (KEMP)
Welcome to the four part lab (1/4) regarding implementing ”Zero Trust”, or identity perimeter-ish controls for your’re hybrid environment: FirstLue lisää
Don’t try this at home (or how to enable Core Server Remote Management for AD FS GUI)
I’ve been running AD FS on Core servers for some time now, mostly because I like the smaller footprint and centralizedLue lisää
Azure Devops – Change from stakeholder to basic access level
Azure Devops allows 5 users to have basic license. You can assign basic license from here if it was notLue lisää
Running Azure Cloud Shell without subscription level contributor
The default Cloud Shell will attempt to create new Resource Group if one does not exist. For user that needsLue lisää
Dump Kudu logs from webapp with Nodejs or powershell
Dumps log files from Azure App Service. source https://github.com/projectkudu/kudu/wiki/REST-API NodeJS Dependencies include axios, and built in FS module Powershell
Node.js – Azure AD JWT verification key runtime caching
Here is JS pattern which will cache the key used for token validation in runtime. The next time getKey runsLue lisää
