Tallan Blog

Tallan’s Experts Share Their Knowledge on Technology, Trends and Solutions to Business Challenges

Creating Secure AJAX HTML Forms in ASP.NET Core MVC, Part I: Client-Side and Server-Side Validation

In this two-part series, I will show you how to create a secure form that submits using Ajax. In part one of this series, we will create an HTML form and secure it from XSS and SQL Injection by validating user input through client-side and server-side validation.
Most modern websites have a need to take in information from a user. This is commonly done through HTML forms; the user enters information into form fields and the website submits an HTTP POST request to the server. The server can then use this information and/or store it to meet a wide variety of business needs. However, allowing any information from any source can prove disastrous for a system and is commonly the point of attack for malicious parties. SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) are common ways a malicious…

Azure Governance – Part 4 Resource Graph and Cost Management

Azure Resource Graph allows you to explore, query, analyze, and perform an impact assessment across an Azure environment of any size in seconds. Use the impact assessment option if you want to see how fast your policies can be put into place. Azure Cost Management is built into Azure. It encapsulates better analysis and budget alerting, reduced data latency, and it’s a free tool to manage your Azure costs. Governing your environment isn’t solely about managing the infrastructure. We all have budgets we have to stick to. With Azure Cost Management, you can stay on track with your budget and re-invest what you save.

Learn more about Azure Resource Graph and Cost Management in our Azure Governance mini video series!
Azure Governance Blog Series:
Introduction
Management Groups
Policies and Initiatives
Blueprints

Learn more about Tallan or see us in person at one of our many Events!

Azure Governance – Part 3 Azure Blueprints

During Azure Infrastructure engagements, we consistently hear that our customers are encountering three common challenges: (i) creating and redeploying infrastructure in a repeatable manner, (ii) creating governed subscriptions, and (iii) protecting foundational resources. Through an Azure Blueprints solution, you can compose, deploy, and update cloud environments in a repeatable manner, orchestrate the deployment of resource templates and policies, protect your environment by locking down the foundational infrastructure, and empower your teams to use Azure in a self-service manner while maintaining organizational standards.
Compose. Orchestrate. Protect. Empower. An automated, easy-to-deploy solution to help govern your organization’s subscriptions, so the infrastructure you build is maintained as you designed it.

Learn more about Azure Blueprints in our Azure Governance mini video series!
Azure Governance Blog Series:
Introduction
Management Groups
Policies and Initiatives
Resource Graph and Cost Management

Azure Governance – Part 2 Azure Policies and Initiatives

Azure Policy is a service in Azure that you use to create, assign, and manage policies that enforce rules over your resources to ensure compliance against corporate standards and service level agreements (SLAs). An initiative is a collection of policies grouped together. An initiative simplifies managing and assigning policies by grouping them as one single item. Azure Policy is comprised of three components: Enforcement and Compliance, Application at Scale, and Remediation. You will have the ability to turn on built-in policies or build custom policies for all resource types, evaluate and enforce policies in real time, assess compliance, and use a newly added feature, VM In-Guest Policy, that allows you to audit settings inside a machine. Azure Policy also allows you to apply policies to a Management Group with organization-wide control, apply multiple policies and aggregate policy states with policy initiative AND…

Leveraging all of the Tools in the Toolbox – Restful API Best Practices

I work on many APIs with clients, and a trend I have noticed is that very few of the tools available are being used. What do I mean by this? It means that all the requests are GETs or POSTs, or all the responses are 200s, 400s, or 500s. If that means nothing to you, then I’m not really surprised, and I will clarify as this carries on.
Let’s start with API request “verbs.” These are the GETs and POSTs I mentioned above. Believe it or not, there are more than just those two. Basically, what I have discovered is a mentality that if the request has/needs body content, it’s a POST, else GET. Please, please, if you follow this pattern, forget it and read on, but there is a chance all your requests will still be GETs or POSTs.
Alright, let’s discuss…

Azure Governance – Part 1 Management Groups

If your organization has multiple Azure subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. This can be accomplished through Management Groups. Through Management Groups, you can: (1) group subscriptions, allowing for new organizational models and single assignment of controls that apply to all subscriptions, (2) create a flexible hierarchy that can be updated quickly and can easily scale up or down depending on the needs of the organization, and (3) use Azure Resource Manager to integrate with other Azure services like Policy, Cost Management, Blueprints, and Security Center.
In this simple example, using Management Groups, we have created an organizational hierarchy. Starting at the corporate level, we have created two management groups – one for the Marketing team and one for the IT team. Within the IT group, we have established two…

Tallan Attends Its First ALM LegalWeek Conference

A couple of weeks ago, Tallan attended its first ALM LegalWeek conference in New York City. With over 4,000 attorneys, c-suite executives, marketing and business development staff, exhibitors, and vendors registered, our team was looking forward to networking and the educational panels we had the opportunity to attend.
The event was divided into three separate ‘conferences,’ Legal CIO, Legal Tech, and Legal Business Strategy. We divided and conquered, and after day 1, one thing became clear: LegalTech has become mainstream. Firms are looking for out-of-the-box products and platforms to enhance processes, time-keep for ease of billing, foster eDiscovery, and generally optimize operations. There are vendors for nearly every ‘LegalTech’ you could imagine or need.
For the most part, they are internal. Save time by digitizing records, but if a firm cannot bill that time saved (not that attorneys perform administrative tasks anyway), then how…

QA is the foundation for UX Evolvement

As a UX designer, I was tasked with a QA assignment that required me to change hats. QA needs direction, and it is essential that UX delivers designs that have a story in the form of journey maps and sitemaps so QA can create test cases with useful sample data for effective interactive testing. It is important to have visual workflows and explicit instructions that can be easily followed by developers, which in turn provides QA with a clear direction in testing efforts.
Walking through test cases as a QA with a UX background allowed me to see what most developers may not recognize including simple usability issues that may not have been thought of:

Visibility of system status
Match between system and the real world
User control and freedom
Consistency and standards
Error prevention
Recognition rather than recall
Flexibility and efficiency of use
Aesthetic and minimalist design
Help users…

Parsing Delimited Strings in a SQL Database

I often receive requests from colleagues needing to solve particularly thorny problems from within a SQL database. This article is intended for those who might find themselves needing to parse a delimited string inside a SQL database, those who find themselves in a position to provide solutions to this particular issue and those liking SQL challenges.
Recently a colleague posed a problem where the value in one column was a list of user property metadata. Each user property was a list of the information required to extract values from a second column in the same table, a list within a list with a common delimiter throughout. A key-value pairs table is a suitable design for this application; the designer chose a different path. The data and the metadata about that data were denormalized into separate columns. Our goal is to determine a solution…

Azure Governance

The speed at which companies are moving to the cloud continues to accelerate. When cloud-first came to be, the question was, why? Why should we relinquish control of our infrastructure? Once there was a reasonable answer to why, it became a matter of if: if we are going to move to the cloud. Now it’s a matter of when. And now that we’re there, the question has become, how do we organize everything and maintain control? In short, Governance. Governance enables you to: (i) establish control by implementing policies with real-time enforcement, compliance assessment, and remediation, (ii) deploy and update cloud environments in a repeatable manner using composable artifacts, (iii) query, explore, and analyze cloud resources at scale, (iv) define an organizational hierarchy, and (v) monitor cloud spend and optimize resources. Next week, we will begin a four-part mini-series on…
