3 April 2024
Security at Startup Nice article explaining why you should always think about security from day one. The Silk Wasm: Obfuscating HTML Smuggling with Web Assembly Interesting idea to hide binary c...
Security at Startup Nice article explaining why you should always think about security from day one. The Silk Wasm: Obfuscating HTML Smuggling with Web Assembly Interesting idea to hide binary c...
State Of Software Security 2024 I attended a webinar from Veracode last night, which was interesting and made me want to download the fully report and write about it here. We use Veracode at NIPO...
Understanding C# 8 default interface methods Seems like a hack that’s supposed to make migration easier. But there are gotchas, and I think it’s better to just bite the bullet and do the migration...
Azure Cloud Security Pentesting Skills A good interview with Karl Fosaaen of NetSPI about pentesting Azure. I recommend his book and his blog. Start with config review - find the cloud footpri...
NDC Security I went to NDC Security in Oslo. See my report here. I used the opportunity to use GitHub Pages, which use Jekyll, which I’m planning to migrate this blob to (Jekyll, not GitHub Pages).
What’s New in NuGet for .NET 8 | .NET Conf 2023 The first point was most interesting: NuGetAudit. It higlights known vulnerabilities in NuGet packages that you’re consuming, also for transitive p...
.Net Blazor SSR A bit of a history of Blazor and the criticisms its had along the way and its response to them, the latest of which is static site rendering. They still haven’t convinced me. I st...
Avoiding flaky tests with TimeProvider and ITimer Fixing the age-old problem of testing code that uses time. C# 8 introduces an abstract class TimeProvider that can be used to make code testable. ...
Feature Flags 101: A Guide for ASP.NET Core Developers This makes feature flags look easy. The examples define them globally in appsettings file, but I assume it could be defined anywhere in confi...
A couple of articles on interesting subjects with way too much detail for me to read fully. How to build a IP Geolocation Database from Scratch UK air traffic control meltdown