Renewing the Azure App Service SSL Certificate in an Application Gateway HTTP Listener

Scenario: The SSL certificate used in my Azure Application Gateway has expired and needs to be replaced. This SSL certificate was bought through the Azure Portal. Background: The certificate was provisioned through the App Service Certificate service in Azure. The certificate is store in my Azure Key Vault. The App Gateway is used as an …

Continue reading Renewing the Azure App Service SSL Certificate in an Application Gateway HTTP Listener

Penetration Testing Your Web App with Azure Application Gateway WAF Part 2: OWASP ZAP Tool

Continuing from my last post Penetration Testing Your Web App with Azure Application Gateway WAF Part 1: Intro, I will demonstrate a very simple penetration test. Thanks to Tanya Janca (@shehackspurple), an OWASP specialist, who suggested I try out the OWASP ZAP tool. “The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free …

Continue reading Penetration Testing Your Web App with Azure Application Gateway WAF Part 2: OWASP ZAP Tool

Penetration Testing Your Web App with Azure Application Gateway WAF Part 1: Intro

In setting up an application with appliances that provide protections from cyber threats, it is always necessary to have penetration testing and monitoring throughout the solution's lifecycle management. I will demonstrate the following scenario: Protect your web app using Azure Application Gateway’s Web Application Firewall features. Enable and configure the WAF The web app is …

Continue reading Penetration Testing Your Web App with Azure Application Gateway WAF Part 1: Intro