Field Notes: Dealing with Phishing

Hackers turn to online scams to steal your personal information, because of this phishing prevention has become critical for every organization. Phishing emails may appear to be legitimate. In today’s world, you will likely be subjected to a phishing attack, meaning you'll need to be aware of the warning signs and know how to handle … Continue reading Field Notes: Dealing with Phishing

Azure Sentinel Tip for Table Details and Descriptions

I wrote a recent article that talks about tips for doing Data Sampling for Azure Sentinel. Data Sampling is a method that allows the Sentinel Analyst to figure out where and what data exists in the Log Analytics workspace to help hone KQL queries to produce good data results. Read that here if you missed … Continue reading Azure Sentinel Tip for Table Details and Descriptions

Securing WCF Services with Custom WIF STS: A Step-By-Step guide

In real SOA implementation, you will be probably exposing many WCF Services that you need to secure. Many blogs are there around STS and WCF, but non of them which guide you through a basic implementation of a custom STS using Windows Identity Foundation (WIF) to secure your WCF services. If you are just starting with STS/WIF or you have spent … Continue reading Securing WCF Services with Custom WIF STS: A Step-By-Step guide

Caching STS Security Token with an Active Web Client

A common scenario when using an STS (Being ADFS or Custom STS) is the requirement to cache the security token to be used repeatedly with the requests to WCF services to authenticate the calls. This is usually easy in desktop applications when most people go and cache the entire service proxy object in some global … Continue reading Caching STS Security Token with an Active Web Client