Author Archives: john Gu

Which is more secure: Certificate or Secret inside our Azure Active Directory App, and why? [duplicate]

Posted on by

Inside our Azure Active Directory, we have 2 options to secure our calls to the Active Directory App:

Secret

Certificate

Which option is more secure and why? Inside our applications which will be calling this App, it either needs to s… Continue reading Which is more secure: Certificate or Secret inside our Azure Active Directory App, and why? [duplicate]

Why the Active Directory App created using Visual Studio does not have any "Certificate & Secrets".. is this fine?

Posted on by

I created a new ASP.NET Core 6.0 MVC web application, and I define it to use Azure AD for authentication, as follows:

Then I was asked to create an owned application, so I created one named "ad" as follows:

Inside my applicat… Continue reading Why the Active Directory App created using Visual Studio does not have any "Certificate & Secrets".. is this fine?

Is Self-Signed certificate sufficient for Production environments exposed to the Internet to secure our Azure Function

Posted on by

We have created an Azure Function which runs on a scheduled basis to update Sharepoint Online sites (each 10 minutes).
Now for this Azure Function to integrate with SharePoint, we have created an Active Directory App and we defined a Self-… Continue reading Is Self-Signed certificate sufficient for Production environments exposed to the Internet to secure our Azure Function

Does SQL injection attack cover installing malware that deletes or modifies the database?

Posted on by

I know that SQL Injection attack can be done by injecting the application with SQL statements to retrieve info you are not authorized to get or to modify the data in an unauthorized way, as mentioned in this link https://www.w3schools.com/… Continue reading Does SQL injection attack cover installing malware that deletes or modifies the database?