Finally, NetScaler 12.0 build 51.24 was released on July 20, 2017 and introduces two great new features, among other things: Native OTP (One-Time Password) via nFactor, and Secure Web Gateway (will be covered in a later post). I am very excited to follow development on these two features. This post is focusing […]
July 2017
Analyzing and Testing Web Application Security based on OWASP Top 10 – SQLi and XSS
Introduction: This post describes some methods and techniques that we can use to verify and analyze security in a web application by assessing the SSL and HTTP traffic. We will focus on how to verify SSL Protocols and Ciphers, HTTP Response Headers and scanning for SQLi and XSS vulnerabilities. These methods […]
Single Sign On (SSO) to ADFS enabled Website from XenMobile SecureWeb
From ADFS 3.0 on Windows Server 2012 R2, a PowerShell property defines which User Agents (browsers) are supported for 401 Windows Integrated Authentication instead of Forms-Based Authentication. So, in order to ensure that we can support SSO from XenMobile SecureWeb, we can change that property on ADFS (Option […]
Protect and Secure your Web Application with NetScaler Application Firewall (WAF) – Part 1
In the first part of this post, I am providing some information and guidelines on how to implement Citrix NetScaler Application Firewall in front of your web application. In the second part, coming up, we will look into the Security Insight of NMAS (NetScaler Management and Analytics Services), how this provide […]
Optimizing SSL Security and Performance with OCSP and NetScaler
This post is about OCSP, NetScaler and SSL/TLS, how we could benefit from it and how we implement it on NetScaler. Intro: Online Certificate Status Protocol (OCSP) is an alternative/replacement to the Certificate Revocation List (CRL) and is also a method to validate the status of a certificate. The CRL […]