security

Application consent policies in Azure Active Directory can be used to delegate tenant-wide user and admin consent to other users, groups and applications. This blog post explains how to configure these policies using the Microsoft Graph REST API including a test case to show how a test user is able to grant admin consent to an application it owns.

Azure App Registrations are often used as system identities that have access to API’s. Microsoft Graph is one of these API’s that are often used and has application roles that are high privileged and can be abused by an attacker to escalate privileges.

It’s easy to deploy Elasticsearch on Kubernetes. You get yourself a copy of the Elastic Helm Charts and you run helm install. Job well done… or not? The default Elasticsearch configuration doesn’t enable any encryption or security mechanism, that doesn’t sound really safe! In this blog post, I’ll explain how you secure your Elasticsearch instance by enabling encryption (SSL transport and HTTP over SSL) and native authentication.

Password strength is a more and more important subject for (web) applications. I guess we have all read at least one time about user accounts got hijacked because the user used a password like ‘1234567890’ and ‘qwerty’. As developer, we can prevent this pretty easy by adding validation on the user password.