Op 29 september organiseren we weer een #DevNetNoord meetup met vier prachtige sessies, waaronder Niels Tanis met zijn sessie ' #Securing your .NET application software #SupplyChain'. Check voor het hele programma en hoe je je kan aanmelden: devnetnoord.nl #Dotnet

My defcon30 workshop contents available here. fuzzing.in/codelabs/findi…

One of the BEST .NET tools that more folks don't know about is "dotnet outdated" github.com/dotnet-outdate… Why is it amazing? Check this screenshot then thank Patrick Dwyer and Jerrie Pelser

"Password expiration requirements do more harm than good, because these requirements make users select predictable passwords" Thank you Microsoft. NIST agrees. Everyone who attacks password auth agrees. Can we get compliance to update their requirements. docs.microsoft.com/en-us/microsof…

Op 29 september organiseren we weer een #DevNetNoord meetup met vier prachtige sessies, waaronder Niels Tanis met zijn sessie ' #Securing your .NET application software #SupplyChain'. Check voor het hele programma en hoe je je kan aanmelden: buff.ly/3JFKMLV #Dotnet

We wrote about these issues with matching vulnerabilities based on CPEs almost 7 years ago - veracode.com/blog/managing-…

Definitely stoked about the fact I'll be traveling to Sydney in October and doing two sessions at NDC Sydney! I'm going to talk about sandboxing .NET assemblies and of course supply-chain security. ndcsydney.com/speakers/niels… #ndcsydney NDC Conferences

npm Best Practices for the Supply-Chain is out! openssf.org/blog/2022/09/0… Thanks everyone who got involved sMyle (🦋 @myles.dev) Jordan Harband Jeff Mendoza Erez Rokah Liran Tal theopenssf and many more!

World's oddly relaxed about recent CSRF bypass in csurf express middleware. It does require cookie tossing which limits the blast radius but for multi-tenant apps using subdomains it could be deadly -> fortbridge.co.uk/research/csrf-….

techcommunity.microsoft.com/t5/security-co…

Op 29 september organiseren we weer een #DevNetNoord meetup met vier prachtige sessies, waaronder Niels Tanis met zijn sessie ' #Securing your .NET application software #SupplyChain'. Check voor het hele programma en hoe je je kan aanmelden: buff.ly/3JFKMLV #Dotnet

. Niels Tanis on software supply chain attacks at devNetNoord

I'm looking forward to discussing cyber hygiene and cyber resilience on stage at Microsoft Ignite with Vasu Jakkal next week. You can sign up for an in person or virtual ticket here: aka.ms/ignite-securit…

Veracode is shifting container security left in a developer friendly way, scanning for OSS vulns on all layers, configuration (Kubernetes manifests, Helm charts, Pod Security Standards/Policies, Terraform, CloudFormation, AWS CIS 1.2), and secrets. containerjournal.com/features/verac…

Hitting the road to travel to Sydney! If you're attending NDC Sydney hope to see you there NDC Conferences #NDCSydney

🗝️ Security, security, security… Come join us on a talk about security provided by WebAssembly with Niels Tanis, or learn about network-level security features in Azure PaaS services by Erwin Staal. 👉 updateconference.net/en #UpdateConference #UpdateConferencePrague #dotnet

Time to listen to Loek Duys talking about mission-critical systems on Azure. #UpdateConference

🎤 Keep going with Niels Tanis, Erwin Staal, Loek Duys, Bronwen Zande, Sam Vanhoutte and Pascal Naber. #UpdateConferencePrague #UpdateConference