CartLog In

Browse by Tags

> > >
Application Security — Documents Are Untrusted Input
Application Security — Documents Are Untrusted Input
A .docx is a ZIP file Open a .docx file in a hex editor and the first two bytes are PK . Every modern Office format - .docx , .xlsx , .pptx - is a ZIP archive of XML parts and embedded resources. PDF is not a ZIP file, but just like Office formats it...
Oliver Sturm (DevExpress)
29 May 2026
.NET .net core Architecture ASP.NET Blazor Office File API Reporting security WinForms WPF XAF
SBOMs for CRA Compliance in DevExpress-Based Apps — Preview Now Open
SBOMs for CRA Compliance in DevExpress-Based Apps — Preview Now Open
If you ship apps to customers in the EU, the Cyber Resilience Act (CRA) will require an SBOM as part of your conformity documentation. SBOM generation and CRA compliance are top priorities for DevExpress, and CycloneDX SBOM files for our .NET NuGet packages are now available as a preview...
Alex Chuev (DevExpress)
7 May 2026
.NET .net core CRA Featured JS npm NuGet SBOM security VCL
Application Security — Project Dependency "Version Bumps" Demystified or Modern Security Realities in .NET / NuGet Ecosystem
Application Security — Project Dependency "Version Bumps" Demystified or Modern Security Realities in .NET / NuGet Ecosystem
In this post, I want to show you how to effectively upgrade vulnerable third-party dependencies in your projects, highlight .NET industry best practices, and also clarify how DevExpress helps you mitigate security-related risks in general. For illustration...
Dennis Garavsky (DevExpress)
24 April 2026
.NET .net core JS npm NuGet security
Application Security — Stronger Hashes and Safer Passwords
Application Security — Stronger Hashes and Safer Passwords
Every application that stores passwords makes an implicit bet: that the hashing algorithm it chose will remain strong enough to resist attacks for as long as those hashes exist. It’s worth revisiting that bet regularly. This post walks through the reasoning...
Oliver Sturm (DevExpress)
17 April 2026
.NET .net core Architecture ASP.NET Blazor Dashboard Data Access Office File API Reporting security WinForms WPF XAF
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
Application Security — Why One Does Not Simply Protect a Data Store Connection String and Other Login Credentials?
A developer asks: “How do I protect my connection string in a desktop application?” This is one of the most common security questions in .NET development, and it sounds like it should have a straightforward answer. But there is a fundamental problem we...
Oliver Sturm (DevExpress)
2 April 2026
.NET .net core Architecture Backend Data Access database Desktop Frontend Middle Tier ORM RDBMS REST security webapi windows WinForms WPF
XAF (Cross-Platform .NET App UI & Web API Service) — Early Access Preview (v25.1)
XAF (Cross-Platform .NET App UI & Web API Service) — Early Access Preview (v25.1)
This post documents a few XAF -related features we expect to ship in early June and details what’s inside our Early Access Preview build. As you will note below, XAF-related focus areas remain Blazor, Entity Framework Core and Security. For additional...
Dennis Garavsky (DevExpress)
21 April 2025
.NET .net core 2025 accessibility asp.net Core blazor eap EF EF Core Entity Framework Non-Windows OData OpenAPI prerelease REST restful roadmap security survey Swagger Usability v25.1 web api XAF XPO
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authorization Code Flow (Part 4)
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authorization Code Flow (Part 4)
This post is the next installment in my series titled Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) . The content relates to my previously published post Modern Desktop Apps And Their Complex Architectures...
Oliver Sturm (DevExpress)
6 March 2025
.NET access control authentication authorization EF ef core Entity Framework keycloak rbac REST security webapi WinForms
XAF (Cross-Platform .NET App UI & Web API Service) — June 2025 Roadmap (v25.1)
XAF (Cross-Platform .NET App UI & Web API Service) — June 2025 Roadmap (v25.1)
EDIT : XAF v25.2 Roadmap Thank you for choosing XAF (Cross-Platform .NET App UI & Web API Service) for your software development needs. This blog post outlines some of our XAF-related development plans for the first half of 2025 (v25.1, set for release...
Dennis Garavsky (DevExpress)
17 February 2025
.NET .net 6 .net core 2025 accessibility asp.net Core blazor EF EF Core Entity Framework Fluent Non-Windows OData OpenAPI REST restful roadmap security survey Swagger Usability v25.1 web api XAF XPO
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authenticate Users and Protect Data (Part 3)
Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) — Authenticate Users and Protect Data (Part 3)
This post is the next installment in my series titled Connect a .NET Desktop Client to a Custom ASP.NET Core Service (EF Core with pure Web API) . The content relates to my previously published post Modern Desktop Apps And Their Complex Architectures...
Oliver Sturm (DevExpress)
14 October 2024
.NET access control authentication authorization EF ef core Entity Framework keycloak rbac REST security webapi WinForms
WinForms — Connect a .NET Desktop Client to a Middle Tier Security Server (EF Core with WebSockets)
WinForms — Connect a .NET Desktop Client to a Middle Tier Security Server (EF Core with WebSockets)
Series Overview This article is the second in a series of posts for teams who wish to build .NET desktop applications that communicate securely with backend services. Table of Contents Intro — Modern Desktop Apps And Their Complex Architectures Choosing...
Bogdan Kharchenko (DevExpress)
18 September 2024
.NET access control ASP.NET authentication authorization EF EFCore Entity Framework grid rbac security web api webapi WinForms XAF
More Posts

Featured Posts

DevExpress Developer Survey — AI Impact, Regulatory Compliance, Upgrade & General Product Experience
Dennis Garavsky (DevExpress)
SBOMs for CRA Compliance in DevExpress-Based Apps — Preview Now Open
Alex Chuev (DevExpress)
Microsoft Multilingual App Toolkit (MAT) Has Been Deprecated: What’s Next for DevExpress-Powered App Localization?
Dennis Garavsky (DevExpress)

Popular Topics

Subscribe