When talking about containers security on the enterprise one of the best practices is to use your own platform images, those platform images are the base for your company applications. In this post I’m going to show you an opinionated implementation of how to automate the creation and update of your own .NET platform images using Azure Pipelines and AWS ECR.

Almost any dotnet application has several NuGet dependencies, and those dependencies may have their own dependencies, and so on and so forth. What if any of those dependencies you’re using contains a security vulnerability? You can check on your CI/CD pipeline if your application has any known NuGet vulnerability with just a couple of lines of bash script.

This post is about which AWS services can be used and how to set them up properly when you want to deploy a SignalR Core application to AWS.

The purpose of this post is to try out the new Azure DNS Private Resolver resource. To test it, we’re going to try to solve one of the current issues that Azure VPN has right now: when connected over an Azure P2S VPN the private DNS zone resolution does not work. This becomes quite problematic when you’re using private endpoints to secure some private resources, because there is no easy way to resolve the private endpoint DNS when connected to a P2S VPN.

Like any other language, Dockerfiles can and should be linted for updated best practices and code quality checks. In this post I will show you how to incorporate a couple of Dockerfile linters into our Secure DevOps workflow to ensure our Dockerfiles are always readable, understandable and maintainable.