Finding errors in your code or examining unexpected behavior is the main purpose of Debugging
I will try to refresh the traditional tools away from the helpers you have in Studio, VScode, Serenji, ....
to the basics which have been there before your preferred EDI used it in the background.

First of all, what is data anonymization?

According to Wikipedia:

Looking at my old articles recently. I saw an undeservedly forgotten program that can significantly increase the security of your system by not allowing the user to use old passwords when changing.

I recently published the "appmsw-docbook" module for deploying the solution not by individual programs, but by the entire database. This solution allows you to deploy a project without source codes.

Having received feedback, I decided to improve it significantly. Replaced zip archive with tgz, which will allow not using external system-dependent archivers.

The XData (https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=GOBJ_XDATA) is a powerful feature to set documentation and metadata information for classes and methods.

The InterSystems IRIS has a great audit system. It is responsible for auditing system events, but you can use it to audit your applications (great feature).

The audit system is based into event concept. The events can occur with IRIS or in an application. So, we have two type of events to the audit system:

1. System events: events occured into the InterSystems IRIS components (database, interoperability, analytics and core);

How to check if the password is strong enough, so it will not be cracked very fast? And how to make a strong password?

I've developed a tool that may help with this. You can find it on OpenExchange. Install it with zpm

zpm "install passwords-tool"

This module will install just one class caretdev.Passwords, which contains a few helpful methods in it

Developing the project zpm "install isc-apptools-lockdown" implemented the ability to set the security level not only to lockdown, but also to minimum and normal.

Increasing security settings

You can replace the shared password if the password of the predefined system users has been compromised

Not so while ago GitHub introduced, ability to very quickly run VSCode in the browser for any repository hosted there. Press the . key on any repository or pull request, or swap .com with .dev in the URL, to go directly to a VS Code environment in your browser.

This VSCode is a light version of the Desktop version but works entirely in Browser. And due to this, it has a limitation for extensions which was allowed to work this way. And let me introduce the new version 1.2.1 of VSCode-ObjectScript extension which now supports running in Browser mode.

In this article I will explain how to Authenticate, Authorize and Audit by code by using CSP Web Application along with Enabling /Disabling and Authenticate/Unauthenticate any Web Application.

• Online Demo is available on cloud https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp (SuperUser | SYS)
• I recommend to watch the video before continue https://www.youtube.com/watch?v=qFRa3njqDcA

Application Layout
 

The InterSystems Server Manager extension for Visual Studio Code lets you define connections to your servers, list their namespaces and edit or view code there. You can also launch Portal for a server.

Server Manager 3.0 improves security by becoming a VS Code Authentication Provider. It is my entry for the November 2021 InterSystems Security Contest. Click here to visit the contest page where you may decide to vote for this entry. Please ignore the clickable "Contestant" label on this article header above, as it relates to a different contest for new DC articles. If you want to support me in that contest, simply "like" this post.

Server Manager 3.0 Preview, my entry for the InterSystems Security Contest, is now making use of a cool new feature of Visual Studio Code version 1.63 - support for pre-release extensions.

Hey community, how are you all doing?

What if you could check if your REST application is susceptible to some vulnerability? What if you could check if any known attacks affect your application?

With these issues in mind, we've brought our sample application using the ZAP testing tool. A way to quickly, conveniently provide tools for developers to validate security issues in an accessible manner practically.

In this article I will demonstrate basics of OAuth2 authentication with GitHub account with the help of online demo 
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

Please read the related documentations Using an InterSystems IRIS Web Application as an OAuth2 Client
and a nice articles about OAuth https://community.intersystems.com/post/intersystems-iris-open-authoriza...

We need below 3 steps to achieve the desire :

• Step 1 : Register Application with GitHub Authentication Server
• Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal
• Step 3 : Call API to login with GitHub account

So Let's start with Step 1

Step 1 : Register Application with GitHub Authentication Server

In order to register application with GitHub authentication server we need GitHub account. 
Log in to GitHub account and navigate to https://github.com/settings/developers and under OAuth Apps tab click New OAuth App button

 

Enter Application name, Homepage URL, Description and Authorization call back URL
Please note that Authorization call back URL must refer to OAuth2.Response.cls class ({domain}/csp/sys/oauth2/OAuth2.Response.cls)
Click Register Application

This will open detail page. Click Generate a new client secret and save Client ID and Secret Key which we will use while configuring IRIS OAuth2 client

Application is registered successfully

Want a commercial grade FHIR® Implementation included in your micro service ecosystem and barely have enough time to fill out your Health plan elections?

Creating REST API using InterSystems ObjectScript is very easy, but some recipes can help you into this process: