Daily DevOps & .NET - Where Code Meets Culture

Nobody Runs Your Cleanup Script (And Regulators Know It)

Nobody Runs Your Cleanup Script (And Regulators Know It)

“Storage is cheap” — until your data retention strategy becomes evidence in a GDPR lawsuit.

After 15+ years in enterprise software, I’ve seen this pattern in project after project: elaborate wiki documentation, a cleanup script nobody runs, and production databases growing exponentially with personal data that should have been deleted years ago. The compliance checkbox is marked, but the actual deletion never happens.

When regulators investigate, they don’t want your policy documents. They want execution logs proving deletion actually happened. Azure Storage lifecycle policies, Cosmos DB TTL, and scheduled Functions give you exactly that — automated retention that runs without human intervention, with full audit trails.

Your Logout Button Is Lying: ASP.NET Session Security Done Right

Your Logout Button Is Lying: ASP.NET Session Security Done Right

That StackOverflow answer suggesting Session.Timeout = Int32.MaxValue for “better UX”? It’s how security becomes checkbox theater. Sessions that never expire, logout buttons that don’t invalidate tokens, cookies transmitted over HTTP—auditors catch these patterns immediately. Here’s how to configure ASP.NET Core authentication that actually works.
Container Registry & Image Security in AKS Deployments

Container Registry & Image Security in AKS Deployments

Securing Azure Container Registry for AKS needs more than a single control. This guide walks through a production-ready sequence: vulnerability scanning, image signing, RBAC, private endpoints, policy enforcement, and geo-replication. You get practical Terraform, Kubernetes, and pipeline patterns, plus clear trade-offs for real-world operations.
Your TLS Config is Probably Wrong: Five Audit Failures I Keep Finding

Your TLS Config is Probably Wrong: Five Audit Failures I Keep Finding

Production systems with HTTP endpoints wide open and TLS 1.0 enabled for backward compatibility that died in 2020 are still everywhere. If auditors haven’t flagged your encryption config yet, they will. This guide shows the fatal configurations that fail security audits and the Azure Front Door patterns that actually pass.
Trust Is Not a Control: ISO 27001 Compliance via GitHub

Trust Is Not a Control: ISO 27001 Compliance via GitHub

Process documents don’t impress auditors. “We trust our developers” isn’t a control mechanism. ISO 27001 demands technical enforcement, not organizational promises. This guide shows how GitHub branch protection, CODEOWNERS, and environment protection transform compliance from checkbox theater into system enforced reality with a six week implementation path.