What Are Advanced Persistent Threats?
Advanced Persistent Threats (also known as APTs) are prolonged targeted cyberattacks. Such attacks are carried out by a well-funded (typically state-sponsored) group of highly skilled hackers who have high aspirations. Typically, APTs involve the creation of custom attacks that specifically target the victim’s network/machine. APTs primarily target government agencies, defense contractors, manufacturers of products, vendors, and partners of a primary target, and companies with intellectual property. The Stuxnet worm is a good example of such an attack. It is believed to have been created by the NSA, CIA, and Israeli intelligence. It was discovered in 2010 and was responsible for destroying several centrifuges at Iran’s Natanz uranium enrichment facility. The worm would search infected computers for signs of Siemens Step 7 software (used on industrial computers serving as PLCs), if found, it would update its code…
Whatever your job is, I’m sure your overarching goal is to improve your organization. For some people that means driving revenue by making sales; for others, it’s implementing technology that solves a problem, creates efficiencies, or saves time.
For those of you who fit into this second category, it’s likely that you’ve had a great idea or two in your time. And, hopefully, you’ve brought these ideas to your boss or leadership. If you executed everything properly, they saw the same value that you did, and together you charted a path to move forward.
But that’s not always how this scenario plays out.
Unfortunately, there are a lot of amazing ideas that never make it past a proposal. At Tallan, we recognize the importance of seeing these ideas through to execution and implementation proving that they truly do provide the value you’re proposing. …
For most corporate networks, Windows Active Directory Domain Services is the critical backbone for the support of your enterprise information structure. An improperly performing Windows Server Active Directory can be the cause of the most minor of nuisance issues, up to and including as much as the complete failure of your corporate environment’s security and authentication structure and the loss of access to your data, systems, and network shared resources.
This introduction post on the subject of the health of your Windows Server Active Directory Domain Services is part one of an occasional series of blog posts that I will have on Active Directory Health.
Performing an Active Directory Health Check in small and midsize environments can be somewhat problematic for the local, in house network and resource administrators. Often times, those smaller businesses don’t always have dedicated, full-time Active Directory administrators,…
General availability of Windows Server 2016 was announced in early October 2016.
Windows Server 2016 includes 3 main editions:
Datacenter: This is the main, large scale edition release of the Windows Server operating system, designed for corporate and enterprise environments
Standard: This edition is most ideal for small to mid-sized organizations (as well as niche uses in larger corporations) that have smaller virtualization needs and / or more of a need for a general purpose server operating system.
Essentials: This edition is mainly designed for smaller organizations, generally with less than 50 users.
Under the Standard and Datacenter editions, there are three installation options:
Server with Desktop Experience: The Server with Desktop Experience installation option (previously known as Server with a GUI) provides an ideal user experience for those who need to run an app that requires local UI or for Remote Desktop Services Host. This option has the full Windows client…
Near the end of September of this year, (2016), Microsoft formally announced that they were streamlining their technical certification program, so that it was more closely aligned to industry-recognized areas of subject matter and expertise – “Centers of Excellence, used by the Microsoft Partner Network, which identifies technical competencies that are widely recognizable by both Microsoft partners and customers.”
The Microsoft Certification program has undergone many changes in the past four or five years; many of these had been very subtle, up until now, but that wasn’t the case five years prior to that, as the program underwent a major change at that time as well.
In this blog post I will outline some of the certification program history as I experienced it over my career in the information technology field. In future posts, I will review some of the changes being…
Dell Boomi provides the concept and implementation of extensions to allow developers and administrators to have distinct values for different environments without having to use multiple connectors of the same type.
As an example in a given scenario where a Dell Boomi Process uses a disk connector to read a file but the file location changes from environment to environment.
1. Test Server file folder location: C:\TEST\Inbound
2. QA Server file folder location: C:\QA\Inbound
3. Production Server file folder location: C:\PROD\Inbound
Bad projects are expensive. In fact, organizations lose a whopping $109 million for every $1 billion invested in projects and programs, according to a Project Management Institute (PMI) study. And the bigger the projects are, the harder they fall. Large projects are 10 times more likely to fail outright, according to another industry report, and two times more likely to be late, over budget and missing critical features when compared with smaller projects. While small and medium projects may not be quite as fraught with peril, anyone who’s worked on them knows they certainly aren’t without their woes.
So, what are the culprits behind these epic and not-so-epic fails? According to PMI, common causes of project failure range from changing priorities within an organization (40 percent) to limited resources (20 percent). While some may be out of our control as project…
96 percent of businesses are either undergoing some kind of digital transformation strategy or plan to in the near future. Those are the results of a recent survey MuleSoft conducted; just about every business is trying to get a handle on how to cope with new channels, new methods of engagement, and ubiquitous connectivity. The reason is clear; nearly three-quarters of IT decision makers surveyed said that if digital transformation initiatives weren’t completed, it would have a negative effect on revenue, and 39% said that the negative effect would happen within 3 months.
That’s startling, and just shows how crucial and urgent implementing digital transformation initiatives are. Ross Mason, MuleSoft founder, points out that “to remain competitive, companies need to think differently about how they unleash the value of their data and assets.” But that’s proving hard for many businesses, as only…
Practice #1: Catch Exceptions at the Highest Possible Level (Tier)
In general, exceptions should be bubbled up to the highest possible level to be caught and processed. For example, in our project, a search goes through the following logical tiers:
UI -> Services -> Data/SharePoint/Refinement -> Web Services
There are quite a few instances where we’re catching exceptions in the Data or Services layer, logging them using common logging components or configurations, and then swallowing the exception one way or another.
This is a bad practice for few reasons:
This behavior is not transparent to developers that may be using the DLL but do not have access to the source code.
Logging from lower tier components is generally a bad idea, as it either requires a static logging location embedded in the dll or creates a dependency on the UI to provide pre-determined logging mechanism (i.e….
As many may already know, Scrum is an approach to software development that, rather than being a full process or methodology, is a framework that utilizes the Agile scheme to develop software. Instead of providing a complete, detailed description of how everything is to be done in a project from the beginning, much is left up to the development team. Scrum projects progress in a series of sprints, which are also known as iterations no longer than a month. At the start of a sprint, team members commit to delivering a number of tasks listed in the project backlog list. At the end of the sprint, these features are considered done if everything within the task is fully coded, tested and integrated into the evolving product or system. At the conclusion of each sprint a review is performed to demonstrate…