AppSec Blog

ASP.NET MVC: Audit Logging

Guest Editor: Today's post is from Taras Kholopkin. Taras is a Solutions Architect at SoftServe, Inc. In this post, Taras will take a look at creating an audit logging action filter in the ASP.NET MVC framework. Audit logging is a critical step for adding security to your applications. Often times, audit logs are used to … Continue reading ASP.NET MVC: Audit Logging


Cloud Encryption Options - Good for Compliance, Not Great for Security

Guest Editor: Today's post is from David Hazar. David is a security engineer focusing on cloud security architecture, application security, and security training. In this post, David will take a look at the encryption options for applications hosted in the cloud. Over the last decade, due to new compliance requirements or contractual obligations, many, if … Continue reading Cloud Encryption Options - Good for Compliance, Not Great for Security


ASP.NET MVC: Data Validation Techniques

Guest Editor: Today's post is from Taras Kholopkin. Taras is a Solutions Architect at SoftServe, Inc. In this post, Taras will take a look at the data validation features built into the ASP.NET MVC framework. Data validation is one of the most important aspects of web app development. Investing effort into data validation makes your … Continue reading ASP.NET MVC: Data Validation Techniques


ASP.NET MVC: Using Identity for Authentication and Authorization

Guest Editor: Today's post is from Taras Kholopkin. Taras is a Solutions Architect at SoftServe, Inc. In this post, Taras will take a look at the authentication and authorization security features built into the ASP.NET MVC framework. Implementing authentication and authorization mechanisms into a web application with a powerful ASP.NET Identity system has become a … Continue reading ASP.NET MVC: Using Identity for Authentication and Authorization


2015 State of Application Security: Closing the Gap

The 2015 SANS State of Application Security Analyst Paper and webcasts are complete. This year, Jim Bird, the lead author of the SANS Application Security Survey series, Frank Kim, and I all participated in writing the questions, analyzing the results, drafting the paper, and preparing the webcast material. In the 2015 survey, we split the … Continue reading 2015 State of Application Security: Closing the Gap