The QA lead for an API project that was about to go live asked me if I was sure we were safe against SQL injection attacks. It was nice to be able to answer: we've had an independent security review. That found no major issues and we fixed all the minor issues. But anyway we're definitely safe against SQL injection - we don't use any SQL databases. We're fortunate that the transactional data we store isn't heavily inter-related, and the persistent store we use is Azure Blob Storage. Every piece of ......
I met with a prospective client looking to move an existing API to Azure, and they had an interesting problem. Part of their API is supporting over-the-air (OTA) auto-update, so an app calls home, finds out if it has the latest version and if not downloads it from a blob. At peak times, they need to handle 2,000 requests per second for a sustained period of 2-3 hours. That doesn't sound like a lot of scale really, but they need *all* requests to complete successfully, they can't permit any dropped ......
Considerations for publishing internal systems on the Internet
Notes from April's SBUG Session on "The Enterprise Cache"