Tag: Security | Page 2 | Int64 Software Blog

Dispelling Common Myths about Microsoft LAPS

Microsoft’s Local Administrator Password Solution (LAPS) is subject to many myths and misunderstandings. Let’s look at and refute some of the common ones.

Domain Admins – Best Practice and Tracking Down Their Misuse and Proliferation

The power of a domain admin account makes it incredibly tempting to use for various administration purposes where you need to guarantee that the account used has sufficient privileges.

Hardening Website Security – Part 4: Safely Handling User Input

In the final part of this series, we’re going to look at the proper way to handle raw user input from your website, and what can go wrong if it isn’t properly sanitized before storing or using the data.

Why aren’t you using Microsoft’s Local Administrator Password Solution (LAPS) yet?

Microsoft LAPS (Local Administrator Password Solution) is a free tool for Active Directory environments which automatically creates, sets and stores cryptographically secure passwords on your local administrator accounts. It’s powerful, free and it improves your security. So why aren’t you using it yet?

Hardening Website Security – Part 3: Website Database Security

Introduction It feels like almost every week there’s another news item about personal information being stolen because yet another company’s website got hacked. Most of these attacks are perpetrated through social engineering, persuading somebody to hand over some detail which allows the hacker to gain additional privileges and, eventually, access to personal information. However, a…

Hardening Website Security – Part 2: User Session Cookie Security

In this section we will be looking at how you can increase the security of user sessions on your web server, and reduce the risk of Session Hijack Attacks.

Hardening Website Security – Part 1a: HSTS Preloading

HSTS Preloading to Idenfity HTTPS Secured Websites

In part 1 of this series of articles we described the HSTS header “Strict-Transport-Security”. This header is used to tell the clients web browser that HTTP Strict Transport Security mode should be enabled so that the browser should remember that this website only uses HTTPS and should not accept any unencrypted traffic.

Hardening Website Security – Part 1: HTTP Security Headers

Storm Trooper Guarding House - HTTP Security

Installing and Configuring Microsoft LAPS: A Complete Guide – Part 1

Microsoft Local Administrator Password Solution (LAPS) Installation Guide

Microsoft LAPS (Local Administrator Password Solution) is making a big splash in the Active Directory community by providing a simple, secure, and free solution to the age-old question of how to secure your Local Administrator accounts.

Separation of Duties in Software Solutions: A Case Study in Overcee

Separation (or Segregation) of Duties in business and Information Technology is a great internal process which describes restricting the power of any one individual in order to combat mistakes and fraud. R. A. Botha and J. H. P. Eloff in “Separation of Duties for Access Control Enforcement in Workflow Environments” describe SoD as: Separation of…