Daily DevOps & .NET - Where Code Meets Culture

Audit Logging That Survives Your Next Security Incident

Published on 1/29/26 5:00 pm by Martin Stühmer

Your audit logs probably won’t survive a real security incident. Most implementations log too much, protect too little, and provide zero value when something breaks at 2 AM. Here’s how to fix that with structured logging that actually works.

AKS Cluster Upgrades: Zero-Downtime Operations That Actually Work

Published on 1/28/26 5:00 pm by Jendrik Brack

AKS cluster upgrades involve node replacement and pod eviction, which can cause service disruption without proper controls. This article explains cordon and drain mechanics, Pod Disruption Budget configuration, and multi-node-pool rollout strategies with validation-driven automation for reliable zero-downtime upgrades.

Your [Authorize] Attribute Is Compliance Theater

Published on 1/27/26 5:00 pm by Martin Stühmer

Your [Authorize] attributes give you a false sense of security. ISO 27001 auditors see right through it.

I’ve reviewed dozens of ASP.NET Core apps that authenticate flawlessly — then scatter role strings across business logic, skip audit logs, and wonder why they fail compliance. Here’s the pattern that kills audits, and how to actually fix it.

Why ISO Standards Actually Matter for .NET Developers

Published on 1/22/26 5:00 pm by Martin Stühmer

Cloud-native .NET development has transformed ISO/IEC 27001, 27017, and 27701 from abstract compliance requirements into concrete daily coding decisions. This guide shows .NET developers how security standards directly map to Azure Key Vault integration, Azure AD authentication, and proper logging—with real code examples demonstrating compliant vs. non-compliant implementations.

Pod Identity & Access Control in AKS: What Actually Breaks

Published on 1/21/26 5:00 pm by Jendrik Brack

Traditional AKS authentication relied on service principals and mounted secrets. Workload Identity Federation eliminates credential lifecycle problems, but introduces new failure modes. This article covers the operational realities: where credentials still leak, how RBAC layers compound across Kubernetes and Azure, and validation patterns that prevent identity failures in production.