Archive for the ‘IT Operations Management’ Category

PreEmptive is doing its part to help the Vancouver Winter Olympics go off smoothly.

Friday, February 19th, 2010 by Gabriel Torok

Online viewers of the Vancouver Olympics on NBCOlympics.com are using Silverlight based video and photo viewers delivering full HD quality content for viewers and helping content owners monetize their content. I am pleased to say that Dotfuscator had a hand in all of this innovation providing both protection and optimization for the high performing video player at the heart the NBC online Olympic experience.

For an overall description of the Silverlight solution, see: http://team.silverlight.net/events/let-the-games-begin/

For Microsoft’s own description of the role of partners (including us of course), see: http://team.silverlight.net/customer-evidence/vancouver-olympics-ndash-how-rsquo-d-we-do-that/

The development teams especially appreciated the fact that Dotfuscator can accept and output XAP files (instead of low level DLLs that force developers to manually edit XAP files).  This shortens and simplifies the release process – and was critical for an event like the Olympics.

On an unrelated Silverlight note, I was pleased to see David Kelly’s recent blog entry . This Silverlight MVP has identified Dotfuscator’s Silverlight analytics as “a critical tool in your tool Silverlight toolbox.” Good Stuff.

Tags: , , ,
Posted in Dotfuscator, Dotfuscator CE, IT Operations Management, Microsoft, Threat (swoT) | No Comments »

How do I love thee? Let me count the ways.

Thursday, August 20th, 2009 by Sebastian Holst

“How do I love thee? Let me count the ways. I love thee to the depth and breadth and height” - Sonnet 43, Elizabeth Barrett Browning

So “what’s love got to do with it?” (Private Dancer, Tina Turner) Hint: if people live for love, then businesses live for money

On July 14th, Microsoft announced Azure pricing and a “grace period” through PDC 2009. A primary rationale here is to enable development organizations to optimize deployment and monetization models to maximize Azure commercial opportunities.

So, whether you are a romantic (like Ms Browning above) or perhaps more hardened like Tina Turner’s Private Dancer (or Stanley Kubrick a la Full Metal Jacket), one thing is for sure - Microsoft wants Azure to “love you long time.” How deep, wide, high or long is the question.

Check out a this article in SD Times - PreEmptive’s Dotfuscator instruments Azure applications By David Worthington – where Dave Worthington makes many of the very same points.

Of course, we announced Runtime Intelligence Service (RIS) Azure support to help developers answer these very questions. While perhaps not as soaring as a sonnet – Runtime Intelligence allows for any .NET component deployed into Azure to be injected (post-build) with session, feature and method level monitoring. The runtime intelligence is streamed out of Azure for analysis. Other than writing a custom solution, this is perhaps the only means to measure adoption, usage patterns and performance inside Azure in near real-time.

Now, my posts are all intended to help you (blog followers) find more ways to make more money (we want to spread the love). So, you will note that I very specifically said the RIS helps to answer these questions. What the Azure development community really needs is an ROI calculator that will combine real usage data (from both legacy and piloted Azure applications) with Microsoft pricing and the offset IT expenses to come up with an Azure ROI calculator. I know there are lots of calculators being written – but how many of them can incorporate actual usage data before and after deployment to the cloud? That’s not our business – but could it be yours?

If yes, let me know and I will make sure you have what you need to call our RI Service via our RESTful API – making your calculator uniquely able to reliably predict cloud ROI.

As always, i have a more philosophical take on this issue on my personal blog at http://apps-are-people-too.blogspot.com/2009/08/how-do-i-love-thee-let-me-count-ways.html

Tags: , , , , , ,
Posted in Application Lifecycle Management, DashO, Dotfuscator, Dotfuscator CE, IT Operations Management, Microsoft, Opportunity (swOt), Runtime Intelligence, Software Development Lifecycle Management, Threat (swoT) | No Comments »

Lower the Cost of Knowing

Monday, July 6th, 2009 by Gabriel Torok

Before tools like Survey Monkey were available, you could conduct surveys. But the cost was much higher, often including costs of envelope stuffing,  outbound and return postage, incentives such as a dollar in each envelope (to try to increase the response rate), data entry costs, and long time delays. Given the hassle and costs, you might be forgiven for making important decisions based on sparse data. In America, it’s called going with your gut. The rapid proliferation of low-cost web-based survey tools is a clear indication that lowering the “cost of knowing” stimulates organizations to “go find out.” In the past, companies did not survey as extensively because they felt they couldn’t afford the higher costs, and perhaps they did not value knowing enough to invest more.

Likewise, before point-of-sale systems were widely available, retailers were able to track customers and their buying habits, but at a very high cost and hassle factor. It was probably easier to “go with your gut”. Now, point-of-sale systems are a multi-billion dollar a year business and retailers are at an extreme disadvantage if they don’t use one.

A lower cost of knowing continues shifts in our desire and use of information. Developments such as nearly free international communication to practically ubiquitous Internet search have made knowing quick and easy. For example, today it is possible to very quickly discover which vendor has the best price and service. Improved information allows everyone to make better and faster decisions.

And yet today, many software producers still take a reactive “go with your gut” approach to understanding how their customers use their applications and measuring the satisfaction they receive from them. That is because historically, it’s been difficult and expensive to measure how users - individually or in aggregate - actually use applications. In other words, they perceive the cost of knowing as higher than the value of knowing.

This will change as new options significantly reduce the cost of knowing for software producers. In tighter economic times such as now, getting low cost, accurate and timely insight into software behavior, stability and performance will become essential. Successful software producers will benefit from the value of enhancing the customer’s experience by proactively understanding problems and opportunities and acting decisively based on their knowledge. What your customers aren’t telling you might be hurting you. After all, why would you rely only on your “gut” or a handful of customers for feedback when you can easily listen to your applications in a broad and precise way?

Tags: ,
Posted in Application Lifecycle Management, IT Operations Management, Runtime Intelligence, Software Development Lifecycle Management | No Comments »

Notes from the RSA Conference

Wednesday, April 29th, 2009 by Sebastian Holst

I have just returned from the RSA Conference where I stumbled on a business opportunity that I think is out there for anyone addressing log and event management requirements.

On Thursday, April 23, there was a session entitled “Common Event and Log Standards: Leveling IT’s Tower of Babel.”
The abstract stated, in part, that:

“The IT industry suffers from a lack of standards for event, log, and audit information. Regulatory requirements to retain, protect, and destroy log data continue to increase. Organizations also need better situation awareness and cost control across complex IT security event horizons. The good news is that standards efforts are underway,…”

XDAS (for more info visit http://www.opengroup.org/security/das/xdas_int.htm) is one standard being developed/promoted to address these issues and the Common Event Expression (CEE) language, being developed by Mitre is an even broader effort that will, ultimately, subsume the former (for more information visit http://cee.mitre.org/). …but these efforts are, as a direct consequence of their ambition and generality, complex and solutions/implementations live somewhere in our future.

There is, of course, an established market for log and event management solutions that address the current heterogeneous and, often, incompatible log and event data streams and sources – do a search on “log and event management” as a case in point. Many of the vendors that will pop-up were also exhibiting at the RSA Conference – both promoting the value of Security Event Information Management (SEIM) and capitalizing on the confusion that stems from the lack of standards in this important field.

Well check this out…

In 2008, Microsoft announced that Visual Studio 2010 would include an extended version of Dotfuscator CE that would include, for the first time, the ability to inject tamper detection, application expiry behavior, session monitoring, and feature tracking – all post-build, without programming, on virtually every flavor of the .NET framework.

This move essentially enables the 6 million+ Visual Studio programmers to retroactively add streaming logs to virtually every .NET application ever written – and guess what? They will not only stream to any endpoint specified (dealing with distributed and cloud-based components) – they will ALL SHARE THE SAME SCHEMA!

– PROBLEM SOLVED????

Of course not – but here are some obvious implications

Given the historical adoption precedent of obfuscation, it is highly probable that 30%-40% of .NET developers will experiment with and incorporate these new capabilities into their development efforts. That’s millions of developers and many many thousands of software components.

As post-build injection becomes more widely accepted as a standard practice, the Java community’s adoption of similar capabilities is likely to increase as well (we support injecting the very same “streaming logs” into Java).

OPPORTUNITY

SEIM and Control Vendors – build-in support for the SOAP signals that will soon be a de facto standard on the .NET platform – differentiate your solutions by getting ahead of the .NET 4.0 curve and establishing yourself as a leader in application security event information management (aSEIM).

Application and Information Management Service Providers – expand your practices to address both the opportunities that this kind of application monitoring offers as well as any potential for abuse.

When 6 million of your closest developer friends have a technology in their arsenal – will it be too late for you to claim to be an expert?

For a more chatty discussion also inspired by the RSA Conference on why Cloud Conferences will never replace live events (and therefore, why Cloud Computing will never replace installed software) - visit my personal blog - Applications Are People Too

Posted in DashO, Dotfuscator, IT Operations Management, Runtime Intelligence, Software Development Lifecycle Management | 1 Comment »

How do you get $5 from every .NET developer on the planet?

Tuesday, April 7th, 2009 by Sebastian Holst

Here is an idea that I have been telling anyone who will listen, but as far as I can tell, no one is doing anything about it.

Back at PDC 08, Microsoft announced that Visual Studio 2010 would include “Application Feature Monitoring, Usage Expiry and Tamper Defense capabilities.” These capabilities will be delivered inside the next generation of Dotfuscator CE (now to be called Dotfuscator Software Services) and will be included in the box with Visual Studio (except the Express SKU) with no registration or any other steps required.

Specifically, the tamper detection functionality referenced here will enable any Visual Studio user to inject tamper detection logic POST-BUILD into any .NET executable (assuming it is not already signed). Once this step is complete, the application will (when tamper is detected) have the ability to:

a) halt execution AND

b) (here is the important bit) send a SOAP signal to an IP endpoint of the developer’s choice.

So, how do you get $5 from every developer on the planet?

Use social networks or any other communication tool you prefer to make the following offer:

  • For $5 per month retainer, you will provide an IP address for developers to use when building their applications. If their application is ever tampered with (and it has access to the Internet) the SOAP signal is delivered to your endpoint.
  • Your service will notify them upon receipt. Why not use Microsoft’s cloud services to host a simple SharePoint application for this? They can then take appropriate action.
  • You can optionally set some sort of per incident fee as well if you like.

Every developer who moves to Visual Studio 2010 will have all of the software you need them to have installed in their environment - so there are NO software distribution requirements.

All you need to do is write a simple hosted endpoint, provide the IP address, and collect the subscription fees.

This functionality is already exposed in the CTP release of Visual Studio 2010 – you can begin this project today without contacting PreEmptive at all (although, we are happy to assist if you want to take advantage of any/all of our commercial extensions).

What do you think? There is a similar service possible with Shelf-life (also included in the new Dotfuscator Software Services community edition).

Tags: , , ,
Posted in Application Lifecycle Management, Dotfuscator, IT Operations Management, Microsoft, Opportunity (swOt), Software Development Lifecycle Management | No Comments »