Azure security and .NET Core application

Mark900 · ‎Oct 08 2019

Hi there,

we're creating .NET core application with MSSQL database, that will be hosted on AZURE. Are you able guys to indicate what we should to take under consideration to be 100% compatible with AZURE in relation of full secure? Our app will be avaible to any users in WAN. Can You show the documents/instructions, that will tell us what components should be used within the .NET Core app to be fully fit to Azure? Is there any? I understand Azure modules can be added any time, even after we'll finish the system or must be taken in advance?

Thanks for any help,

Craig Wilson · ‎Oct 12 2019

Hi @Mark900

This is not a simple question to answer here. If you are developing the application using .net core, start here https://docs.microsoft.com/en-us/aspnet/core/security/?view=aspnetcore-3.0. This will give you some information on securing the app. Once you move to Azure, you will need to look at how to host the application and the controls that be put in place. Take a look here https://docs.microsoft.com/en-us/azure/security/develop/secure-develop it will provide some information on what to look at.

Microsoft also has a solution called Azure DevSecOps kit. https://azsk.azurewebsites.net/ this can be integrated into your development to help check that your code is secure.

In addition, try doing the standard approach.

Use HTTPS for all connections

Azure Keyvault for secrets and connection strings. Do not store secrets in code.

Application Insights for tracking what is happening in your app.

Capture logs to Log Analytics

Use encryption when storing data

Take backups

Develop the code using products like Azure DevOps, so the pipelines can deployment but also scan the code for security issues

Hope this helps.

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Azure security and .NET Core application