Technology Blog - Vikas Goyal

tag:blogger.com,1999:blog-61099024283945912352024-09-09T11:25:32.387+05:30Technology Blog - Vikas GoyalVikas Goyalnoreply@blogger.comBlogger15125tag:blogger.com,1999:blog-6109902428394591235.post-20133607291590902502015-06-26T12:29:00.001+05:302015-06-26T12:29:33.866+05:30Azure Subscription and Tenants

QUICK TIP : When you add your Azure account using PS Add-AzureAccount, you get subscription id and list of tenant IDs created in the subscription. The tenant IDs are actually related to Azure Active Directory tenants which you have created.

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-22148263146815557082011-12-16T09:25:00.001+05:302011-12-16T09:25:50.463+05:30Free eBook on Claims based Identity and Access Control

Starts with discussing basics of claims based identity and moves to advanced topics. Following industry standards are discussed : Security Assertion Markup Language (SAML) Security Association Management Protocol (SAMP) and Internet Security Association and Key Management Protocol (ISAKMP) WS-Federation WS-Federation: Passive Requestor Profile WS-Security

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-49450617641682073862011-07-13T12:56:00.001+05:302011-07-13T12:56:26.408+05:30Whitepaper on exploit mitigation technologies

A new whitepaper has been recently published which discusses about various exploit mitigation technologies and how to use them. Release by Microsoft Security Engineering Center. A must for every person on software development team. Covers following: economics of exploitation – attacker’s return on investment Tactics behind exploit mitigation technologies like enforcing variants,

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-77765990944863655642008-12-26T19:59:00.001+05:302008-12-26T19:59:16.710+05:30* Silverlight : Cross domain access guidelines

RIA (Rich Internet Applications) client runtimes like Silverlight and Flash does not allow any code to access cross domain sites unless the target sites specifically grant access. This is done to avoid issues like Cross-Site Scripting (XSS) attacks. If you are involved in developing apps on Silverlight runtime, it helps to understand the runtime behavior for cross domain access both during

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-49887972859653701712008-11-18T23:35:00.001+05:302008-11-18T23:35:38.341+05:30* Baking Security In

This is the new campaign from Microsoft to bring awareness about how MS products are made more secure and also releases tools and guidance as part of Security Development Lifecycle. Catch all of it @ www.bakingsecurityin.com

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-56574244562301414712008-11-05T00:16:00.001+05:302008-11-05T00:16:49.269+05:30* Windows Live ID to support OpenID

For users, Windows Live ID has provided a single credential to login into all Microsoft sites like MSDN, Connect, Live Mail etc. ‘OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-36089988185261403782007-11-12T15:07:00.001+05:302007-11-12T15:07:46.934+05:30* Agenda for Security Summit at Bangalore

In case you are still wondering what tomorrow's summit (Microsoft Security Summit) is going to offer to you .. here is the agenda : 0830hrs - 0915hrs              :                     Registration 0915hrs - 1000hrs  &#

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-11309713603411205702007-11-12T09:36:00.001+05:302007-11-12T09:36:34.908+05:30* Microsoft Security Summit - India

Check out this event to be organized across India.        Microsoft Security Summit

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-21168632827236992002007-10-25T15:36:00.001+05:302007-10-25T15:36:26.865+05:30* Troubleshooting : Client Certificate Authentication

You are doing a setup for Client Certificate Authentication for your web application. The client and server tools involved are : Internet Explorer 6 or 7 IIS 6.0 Windows 2003 After installing client and server certificates and enabling 'Accept Certificates' at IIS end, you may face one of these problems: You are not able to verify whether the client certificate is currently

Vikas Goyalnoreply@blogger.com1tag:blogger.com,1999:blog-6109902428394591235.post-28510349147205655172007-10-24T08:45:00.001+05:302007-10-24T10:12:05.863+05:30* Security : Acrobat Reader flaw patched

Adobe has released the patch for the flaw detected earlier this month. Acrobat Reader Security Flaw            Get Acrobat Reader patch

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-46757618570340642372007-10-13T18:59:00.001+05:302007-10-13T18:59:13.066+05:30* Security Alert : Adobe, Windows XP, IE 7

If you use Acrobat Reader on Windows XP machine with IE 7, you are at risk from malicious code and hacking attacks due to several security flaws in Acrobat products. This is I believe one of the most popular combination.                             &#xA0

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-49006159630404565102007-10-08T09:05:00.001+05:302007-10-08T09:05:02.790+05:30* Vulnerable Google Products

Recently lot of reports have surfaced exposing various kinds of Cross-Site Scripting (XSS) vulnerabilities in Google products. The applications which have been found vulnerable are : Gmail Google Search Appliance Google (Blogspot) Polls Application Google's Picasa photo-sharing software Google's Urchin Analytics service Government of India's agency Indian Computer Emergency Response

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-50357838462765626112007-09-19T13:22:00.001+05:302007-09-19T13:22:12.811+05:30* WCF : Hosting in Partial or Medium Trust ASP.NET environment

Read about ASP.NET Partial Trust environment. Currently WCF provides very little support for partial trusted environment. When hosting in medium trust environment - only basicHttpBinding is supported by default. If you want to use wsHttpBinding, security mode needs to be set as 'None' or 'Transport'. Default security mode for wsHttpBinding is 'Message'. Partially trusted callers are

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-71371531663160311062007-09-19T10:56:00.001+05:302007-09-19T10:56:55.470+05:30* ASP.NET : Partial Trust Environment

ASP.NET runtime allows server administrators to configure runtime so that various asp.net applications can run in various levels of isolation and with various permissions. This is most relevant in shared hosting kind of scenarios. The various levels of trust available are : Full|High|Medium|Low|Minimal By 'Partial Trust' means, server admin trust the applications hosted in web server only

Vikas Goyalnoreply@blogger.com0tag:blogger.com,1999:blog-6109902428394591235.post-25793618584210440532007-01-22T13:58:00.001+05:302007-09-18T10:37:49.469+05:30* How to build Authorization Module for TCP Remoting channel

From .NET 2.0, framework includes the security infrastructure for TCP channel which can be enabled just by configuration. The below entry enables security for tcp channel <configuration>    <system.runtime.remoting>        <application>            <service>  &

Vikas Goyalnoreply@blogger.com1