Should you obfuscate your Xamarin app?

This blog on securing your source code is from Premier Developer consultant Bill Reiss. I saw a question recently about how to protect code in a Xamarin app package. I feel the first question is whether you need to, and not how to do it. The reality is that you can never completely protect your…

2

Hardening your web server’s SSL /TLS ciphers

In this post, Senior Application Development Manager, Anand Shukla shares some tips to harden your web server’s SSL/TLS ciphers. I recently worked with a customer who had security requirements to disable the weak RC 4 ciphers from their Windows 2008 and Windows 2003 servers.  The process is little different for Windows 2008 R2 servers and…


Microsoft Security Risk Detection

In this post, Application Development Managers, Mike Batongbacal and Syed Medhi, introduce the Microsoft Security Risk Detection service formerly known as Project Springfield. Software Security is a Business Imperative In today’s world, the threat of security breaches in computer networks and business software is an all too real possibility. More than ever before, businesses are…


Protecting Secrets using VSTS and Azure Key Vault

In his latest blog post, Premier Developer consultant Najib Zarrari discusses one approach to protecting sensitive information in your application by using VSTS and Azure Key Vault. If you are building a modern application and are following modern design principles, there is a good chance your application is composed of a number of layers and…

0

ASP.Net Session Swapping – Why it happens and what can be done about it?

In this post, Senior Application Development Manager, Sanket Bakshi explains details behind the sometimes perplexing issue of Session Swapping and how to avoid it. Kernel Cache is a powerful and well-known feature introduced in IIS 7 and found in all later versions.  It’s the highly performant server level cache that very efficiently delivers frequently used…


Passive is good!

Here’s a quick read from Premier Developer consultant Marius Rochon’s blog.  In it, Marius gives some great reasons to leverage passive authentication protocols in your applications rather than writing your own code to handle credentials. Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification of user names, passwords, pins, etc.) in your own…

0

Microsoft Cloud: Migrating Workloads and Security Planning

In this blog post, Application Development Manager, Lalit Patel, shares examples of customers working with Premier to overcome migration concerns and build confidence while moving workloads to the cloud. Cloud Adoption is underway as more organizations look for opportunities to optimize spending and reduce the operational cost associated with traditional on premises IT infrastructure assets….


Partnering with Premier against Cybersecurity Threats

Cybercrime is no longer a distant warning.  It is an active industry with talented players, lucrative ambitions, and devastating consequences.  A recent study estimated the cost the US economy about $140 billion annually.  The numbers grow year over year and that’s just financials you can measure.  It’s difficult to put a price on the long…


Part 2: Security and the Internet of Things

Mark Taylor, Premier Services Senior Consultant and David S. Lipien, Director in Microsoft’s Premier Services present a 3 part installment on the internet of things (IoT). Part 1 of the IoT series was a primer on the subject matter, looking at it from a business value perspective and looking at some the important questions that…


Should an application handle user credentials?

With development of standard authentication protocols like WS-federation, SAML and OAuth, there should be very few situations where a web application has to implement its own storage and logic for handling user credentials. This blog from Premier Developer consultant Marius Rochon enumerates the benefits of using out-of-the-box authentication solutions, some myths preventing their adoption and…

0