The premiere podcast for Microsoft-Centric IT Professionals

click on Richard for the full site
click for full site

telerik
 


#409 - February 25, 2015

Lessons from a Pen Testers with Paula Januszkiewicz (Guest Info)

Paula is back - with stories of hacking her customer's systems! Richard talks to Paula Januszkiewicz about her work as a penetration tester and what it has revealed about the common vulnerabilities for corporate systems. There are lots of simple things you can do to make your systems less vulnerable - starting with getting patched up! There's a lot of conversation about passwords and account restrictions too, such as making sure that local machine admin accounts do not all have the same password, that service accounts do not allow interactive logins and so on. In Paula's experience, you're always going to get penetrated by some zero-day exploit, so be prepared to defend in depth!


#408 - February 18, 2015

PowerShell Past and Future with Lee Holmes (Guest Info)

Where did PowerShell come from and where is it going? Richard chats with Principle Software Engineer Lee Holmes about his experiences building PowerShell, going all the way back to 2003/2004 when Jeffrey Snover was trying to convince folks that Monad (the code name for PowerShell) was a good idea! Lee mentions a number of great resources along the way including AutoIt CmdLets and an Overview on PowerShell as a Hosting Solution. The conversation then turns to the future of PowerShell including tools like Desired State Configuration and OneGet. More PowerShell!


#407 - February 11, 2015

Threat Modeling with Robert Hurlbut (Guest Info)

How do you look at the potential security threats in your organization? Richard talks to Robert Hurlbut about threat modeling. Robert talks out talking about we all threat model in our day-to-day lives, after all, we put locks on doors and windows for a reason. But when applied to technology, things get more complex. Are you resisting specific attacks or casual hackers? How much security is enough? Robert references the book Threat Modeling by Adam Shostack and the acronym STRIDE: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service and Elevation as an approach to planning the overall threat models to your software, systems and organization.


#406 - February 04, 2015

DevOps in 2015 with Gene Kim (Guest Info)

Where is your DevOps practice at? Richard catches up with Gene Kim, the godfather of DevOps, to recap 2014 and talk about what DevOps in 2015 is going to be like. But you can't look into the future without being informed by the past, and Gene points to Puppet Labs 2014 State of DevOps Report as a way to understand the impact DevOps has had so far, and where things are going. The discussion also digs into the DevOps Enterprise Summit held in October 2014, you can see the sessions on YouTube at www.youtube.com/user/DOES2014. The DevOps Movement is progressing - are you coming?


#405 - January 28, 2015

Securing Your Data with Simon Sabin (Guest Info)

How secure is your data? Richard talks to Simon Sabin about securing your databases and making sure you know they're actually secure. The conversation digs into various aspects of security including access control, restricting permissions and effective record keeping. Audits don't have to be the enemy, they're also the best proof that you've protected your data, and help point out when you haven't! With all the stories out in the world about data breaches, isn't it a good time to start really thinking about data security? Check out Simon's SQLBits session about not becoming the next Sony!


#404 - January 21, 2015

Web Performance with Scott Forsyth (Guest Info)

Does web performance just mean moving to the cloud today? Richard talks with Scott Forsyth about a variety of web performance strategies. Scott explains that moving to the cloud isn't the panacea that some folks think it is - any more than scaling out a web site ever was. There's still hard work to be done along the way, and it helps to have the tools to actually understand what's going on with your site. At the lowest level, when you have a crashing server, you want DebugDiag. At a higher level, you better have SysInternals in your toolkit too - these are must have tools, and they're free. Gotta talk web for episode 404, and Scott delivers!


#403 - January 14, 2015

The End of Windows 2003 with Eric Mills (Guest Info)

Ready for the end of Server 2003? Richard chats with Eric Mills about the end of extended support for Windows Server 2003 - it had to come sooner or later! There are still millions of instances of Server 2003 out in the world, and they won't exactly spontaneously combust come July 2015, but the important bit is the end of tech support and security maintenance. The good news is that there are so many improvements that have happened to Server in the past ten years - you're going to love it! Eric talks about various approaches to migrating to a new server, pointing out that there is no way to directly upgrade from 2003 to 2012. Perhaps it's time to look at the cloud for some of your services? It's worth getting some help to make these decisions!


#402 - January 07, 2015

Getting Started Using Azure with Rick Claus (Guest Info)

Thinking about getting into Azure? Now is a great time! Rick Claus talks to Richard about how Azure continues to evolve making more entry points at lower levels of friction for a larger variety of customers. The conversation ranges over using Azure for disaster recovery, for application elasticity, building hybrid solutions with parts in the cloud and parts on-premise, and more! Want a VM in the cloud? Azure can do that too. Rick runs down the gamut of options for the IT Pro to get Azure into your organization one step at a time.


#401 - December 31, 2014

Sony, North Korea and Cyberwarfare with Troy Hunt (Guest Info)

It's New Years Eve, time to get scared! Troy Hunt is back and talking about the evolving story that is the Sony hack involving North Korea. The show was recorded on Dec 22 2014, after hackers had threatened movie theaters with "9/11 style attacks" if they showed the movie "The Interview", which was deemed derogatory to the North Korean government. What happens next? Are we entering a new period of cyber warfare? What can we as IT professionals do to protect our companies and customers from these kinds of attacks?


#400 - December 24, 2014

It's Show 400! (Guest Info)

Holy cow, it's show 400! How did this happen? Richard invites his friends Paul Randal and Kim Tripp to have a little celebration, talk about what it takes to make a ton of podcasts. The conversation starts with a more personal discussion about what motivates Kim and Paul beyond SQL Server - animal rescue and exploring the world. Half through the show a fairly serious discussion about SQL topics... who would have thunk it on the 400th show? Thanks to everyone for making this milestone possible, we couldn't do it without you.