Azure trainings!
Infused with experience from the field, brought with lots of passion!

Hide stack traces in a smart way in Azure API Management

Hide stack traces in a smart way in Azure API Management

Stack traces are a nice gift for hackers, because they reveal details about the underlying technology that you are using.  From a security perspective, it is good to remove stack traces when exceptions occur and just return a generic error message, like I described in...
Enforce Azure AD authentication on your storage account!

Enforce Azure AD authentication on your storage account!

People who follow my blog know that I am a big fan of securing Azure resources through Azure AD.  Leveraging your (hopefully) well-managed organization credentials to access Azure resources, is way better than using and sharing access keys all over.  You can also use...
API SECURITY FOR DUMMIES | Retrieve more user information

API SECURITY FOR DUMMIES | Retrieve more user information

API Security with ASP.NET Core 5.0 and Azure AD for Dummies This blog is part of a complete blog series. Part 1: Authentication vs authorization Part 2: The different actors Part 3: Authentication with Azure AD Part 4: Authorization with Access Control List Part 5:...
API Security with ASP.NET Core 5.0 and Azure AD for Dummies

API Security with ASP.NET Core 5.0 and Azure AD for Dummies

Despite the overload of online material on this subject, I still see many people struggling to secure their ASP.NET Core APIs with Azure AD.  For this, I see several causes: The difference between authentication and authorization is still not clear for many Azure AD...