Posts Tagged ‘security’

In the previous installment of this post series I talked about CSRF attack and how to prevent it using ASP.NET MVC built in components. Today I want to dive deeper into the framework code and show you what’s under the hood to anti-forgery token implementation in MVC. Some time ago Microsoft took a huge step […]

Securing your web application is now more important than ever because various security attacks are growing in numbers and becoming more sophisticated and frequent. One of the most common types of attacks is Cross Site Request Forgery (CSRF) attack. In this kind of attack malicious web sites are hijacking a previously authenticated user sessions to […]

  Setting it all up Who are we trying to secure against? Think of millions of people and thousands of companies in hundreds of countries Who? Script Kiddies Hackers/Thieves Industrial Espionage Terrorist Most aren’t trying to protect themselves from state agencies.  They have vast intercept networks and the capability to break through most security Here’s […]

What is Coin?  Coin is a brilliant new technology that allows users to consolidate all of their cards into a single Coin card.  A Coin card is not your traditional credit card.  It is an electronic device the size of a credit card with a programmable magnetic strip.  Any card with a magnetic strip whether […]

Today I’ll continue with a related theme to yesterday’s discussion on regulation.  Specifically, a patient portal is secure.  You can interpret security in a variety of ways but let me give my own spin. The data is secure The access point is secure Setup is secure The system will track anything that happens on the […]

CRN has an article about Netskope, a startup security policy firm, who reviewed and ranked enterprise cloud apps.  Here’s the quick list: Salesforce Box Crashplan Amazon Web Services Easy Vista   While some you may not have seen before, others like Amazon and Salesforce already garner many headlines.  As I review a lot of options […]

One of the primary methods that schools can innovate is with technology. I live in an area where they’re trying to provide technology to all students by providing laptops or tablets from kindergarten to seniors in high school, all grades K through 12. In any one school district they now have to manage these devices […]

Just recently, the Federal Government handed out a gift (how often can you say that?) to the mobile community.  As part of the new open digital government initiative, the Federal CIO Council and Department of Homeland Security have published the Mobile Security Reference Architecture.  It is a comprehensive picture of the minimal security controls necessary […]

I’ve been seeing a lot of news about hackers taking their game to the next level.  You can see this with Twitter’s recent blog post and forced reset of many users passwords.  In keeping with the trend, Evernote just posted about similar attacks and recommended that all users reset their passwords even though they don’t […]

I’ve been seeing a lot of news about hackers taking their game to the next level.  You can see this with Twitter’s recent blog post and forced reset of many users passwords.  In keeping with the trend, Evernote just posted about similar attacks and recommended that all users reset their passwords even though they don’t […]

Many of you may have read in Wired that Google wants to find ways to authenticate without the old messy username and password approach. Google agrees. “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay write in […]

Many of you may have read in Wired that Google wants to find ways to authenticate without the old messy username and password approach. Google agrees. “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay write in […]