Tallan Blog

Tallan’s Experts Share Their Knowledge on Technology, Trends and Solutions to Business Challenges

Coding an Email Template

You’ve just been assigned to code an email template by your Project Manager, and you have no idea where to start. If you are put in this unfortunate position, you should first ask if you can simply use an already established email service, which includes support. If that proves to be fruitless, you will have to write your own. Writing email templates gets frustrating fast due to their incompatibility with CSS and the inconsistency between email clients such as Gmail vs. Outlook.
CSS Incompatibility
The first step in dealing with CSS incompatibility is to break the cardinal rule of front-end development completely; you have to inline-style your CSS code. I can feel your contempt for me right now, but it’s the only way to guarantee your styling is rendered properly.
Example:

Tables
When creating the layout for the HTML code, you…


Creating Secure AJAX HTML Forms in ASP.NET Core MVC, Part 2: Preventing Cross-Site Request Forgery Attacks

In Part 1 of this two-part series, I showed you how to secure HTML forms from XSS and SQL Injection attacks by implementing client-side and server-side validation. In Part 2, I will show you how to build an HTML form that submits using AJAX and how to protect it from Cross-Site Request Forgery attacks.
HTML forms are one of the most common ways for a web application to accept user input. However, in this modern age, it is best practice not to reload the page whenever an HTML form is submitted. AJAX is one tool we can use to submit a form and provide feedback to the user without reloading a page. Implementing your application this way comes with inherent security concerns. One of those concerns is Cross-Site Request Forgery Attacks. This type of attack can be carried out on virtually…

Creating Secure AJAX HTML Forms in ASP.NET Core MVC, Part I: Client-Side and Server-Side Validation

In this two-part series, I will show you how to create a secure form that submits using Ajax. In part one of this series, we will create an HTML form and secure it from XSS and SQL Injection by validating user input through client-side and server-side validation.
Most modern websites have a need to take in information from a user. This is commonly done through HTML forms; the user enters information into form fields and the website submits an HTTP POST request to the server. The server can then use this information and/or store it to meet a wide variety of business needs. However, allowing any information from any source can prove disastrous for a system and is commonly the point of attack for malicious parties. SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) are common ways a malicious…

Azure Governance – Part 4 Resource Graph and Cost Management

Azure Resource Graph allows you to explore, query, analyze, and perform an impact assessment across an Azure environment of any size in seconds. Use the impact assessment option if you want to see how fast your policies can be put into place. Azure Cost Management is built into Azure. It encapsulates better analysis and budget alerting, reduced data latency, and it’s a free tool to manage your Azure costs. Governing your environment isn’t solely about managing the infrastructure. We all have budgets we have to stick to. With Azure Cost Management, you can stay on track with your budget and re-invest what you save.

Learn more about Azure Resource Graph and Cost Management in our Azure Governance mini video series!
Azure Governance Blog Series:
Introduction
Management Groups
Policies and Initiatives
Blueprints

Learn more about Tallan or see us in person at one of our many Events!

Azure Governance – Part 3 Azure Blueprints

During Azure Infrastructure engagements, we consistently hear that our customers are encountering three common challenges – (i) creating and redeploying infrastructure in a repeatable manner, (ii) creating governed subscriptions, and (iii) protecting foundational resources. Through an Azure blueprint solution, you can compose, deploy and update cloud environments in a repeatable manner, orchestrate the deployment of resource templates and policies, protect your environment by locking down the foundational infrastructure, and empower your teams to use Azure in a self-service manner while maintaining organizational standards.
Compose. Orchestrate. Protect. Empower. An automated, easy-to-deploy solution to help govern your organization’s subscriptions, so the infrastructure you build is maintained as you designed it.

Learn more about Azure Blueprints in our Azure Governance mini video series!
Azure Governance Blog Series:
Introduction
Management Groups
Policies and Initiatives
Resource Graph and Cost Management


Azure Governance – Part 2 Azure Policies and Initiatives

Azure Policy is a service in Azure that you use to create, assign, and manage policies that enforce rules over your resources to ensure compliance against corporate standards and service level agreements (SLAs). An initiative is a collection of policies grouped together. An initiative simplifies managing and assigning policies by grouping them as one single item. Azure Policy is comprised of three components – Enforcement and Compliance, Application at Scale, and Remediation. You will have the ability to turn on built-in policies or build custom policies for all resource types, evaluate and enforce policies in real time, assess compliance, and use a newly added feature, VM In-Guest Policy, that allows you to audit settings inside a machine. Azure Policy also allows you to apply policies to a Management Group with organization-wide control, apply multiple policies and aggregate policy states with policy initiative AND…

Leveraging all of the Tools in the Toolbox – Restful API Best Practices

I work on many APIs with clients, and a trend I have noticed is that very few of the tools available are being used. What do I mean by this?  It means that all the requests are GETs or POSTs, or all the responses are 200s, 400s, or 500s.  If that means nothing to you, then I’m not really surprised, and I will clarify as this carries on.
Let’s start with API request “verbs.”  These are the GETs and POSTs I mentioned above.  Believe it or not, there are more than just those two.  Basically, what I have discovered is a mentality that if the request has/needs body content, it’s a POST, else GET.  Please, please, if you follow this pattern, forget it and read on, but there is a chance all your requests will still be GETs or POSTs.
Alright, let’s discuss…

Azure Governance – Part 1 Management Groups

If your organization has multiple Azure subscriptions, you may need a way to efficiently manage access, policies, and compliance for those subscriptions. This can be accomplished through Management Groups. Through Management Groups, you can: (1) group subscriptions, allowing for new organizational models and single assignment of controls that apply to all subscriptions, (2) create a flexible hierarchy that can be updated quickly and can easily scale up or down depending on the needs of the organization, and (3) use Azure Resource Manager to integrate with other Azure services like Policy, Cost Management, Blueprints, and Security Center.
In this simple example, using Management Groups, we have created an organizational hierarchy. Starting at the corporate level, we have created two management groups – one for the Marketing team and one for the IT team. Within the IT group, we have established two…

Tallan Attends Its First ALM LegalWeek Conference

A couple of weeks ago, Tallan attended its first ALM LegalWeek conference in New York City. With over 4,000 attorneys, c-suite executives, marketing and business development staff, exhibitors, and vendors registered, our team was looking forward to networking and the educational panels we had the opportunity to attend.
The event was divided into three separate ‘conferences,’ Legal CIO, Legal Tech, and Legal Business Strategy. We divided and conquered, and after day 1, one thing became clear: LegalTech has become mainstream. Firms are looking for out-of-the-box products and platforms to enhance processes, time-keep for ease of billing, foster eDiscovery, and generally optimize operations. There are vendors for nearly every ‘LegalTech’ you could imagine or need.
For the most part, they are internal. Save time by digitizing records, but if a firm cannot bill that time saved (not that attorneys perform administrative tasks anyway), then how…

QA is the foundation for UX Evolvement

As a UX designer, I was tasked with a QA assignment that required me to change hats. QA needs direction, and it is essential that UX delivers designs that have a story in the form of journey maps and sitemaps so QA can create test cases with useful sample data for effective interactive testing. It is important to have visual workflows and explicit instructions that can be easily followed by developers, which in turn provides QA with a clear direction in testing efforts.
Walking through test cases as a QA with a UX background allowed me to see what most developers may not recognize including simple usability issues that may not have been thought of:

Visibility of system status
Match between system and the real world
User control and freedom
Consistency and standards
Error prevention
Recognition rather than recall
Flexibility and efficiency of use
Aesthetic and minimalist design
Help users…
