The Definitive Enterprise Architecture Blueprint
As we approach a new decade, rapid technical changes and advances present a raft of new challenges for business leaders. For CIOs in particular, the stakes have never been so high; a plethora of new opportunity abounds, but get the dynamic between business and IT wrong, and the company will become fragmented, its tools and process unwieldy and impossible to manage.
An enterprise architecture practice makes it possible to model the entire organization and make informed strategic decisions. From here solutions across the business can be derived with a full understanding of their implications, and an effective realtime analysis of their success.
CIO Challenges: Mounting Technical Debt with an Unclear Roadmap
The concept of technical debt has been well understood in software development for decades, but it applies just as well to a firm’s overall technology infrastructure. Enterprises will often maintain legacy systems well beyond their useful life, or cut corners to meet project deadlines and then fail to adjust or update the technology workarounds used. As these old and low quality systems proliferate, costs rise and it becomes increasingly difficult to enact changes.
This eBook will look at how technical debt will mount for businesses and the difficulties of addressing this problem without a clear and sensible roadmap.
The 2021 Tidelift Open Source Maintainer Survey
In early 2021, Tidelift fielded its first-ever comprehensive survey of open source maintainers. Nearly 400 maintainers responded with thoughts about how they fund their work, what they enjoy about being a maintainer, what they don’t like so much, along with a host of other interesting insights.
Over the following pages, we’ll share nine of the most interesting findings with you.
OSS Supply Chain Security and How to Help Your Overburdened Dev Team
In this Upstream chat, Tracy Bannon from MITRE joined us to discuss why it took so long, what is happening now that will help organizations positively impact their own security preparedness, and how we can bring forward good ideas and warnings in the future.
She discussed how to talk about risk profile and ways organizations can force-rank priorities. She also discussed why it’s important to reduce cognitive load on the development teams and why it’s important to offload some tasks onto trusted vendors.
Tidelift CEO and co-founder Donald Fischer then joined the discussion and explained how all this applies to open source software specifically. Donald and Tracy discussed the recently disclosed security vulnerability in the Apache log4j project, which has been dubbed “Log4Shell”, why it’s important to address quickly, how to address it, and how to better prepare for future vulnerabilities. You won't want to miss this.
Everything You Need to Know About the Log4Shell Vulnerability
Log4j is a popular library for logging things in Java applications. Practically every organization that uses Java (Maven/Gradle) uses Log4j and has likely been impacted by the log4shell vulnerability.
In this 20-minute briefing, Tidelift solutions architect lead Mark Galpin shares what you need to know about the recent Log4Shell vulnerability—and demos how Tidelift can help.
Mark breaks down the current situation and shares tips for remediating the issue. You won't want to miss this.
The No-Nonsense Guide to Microsoft 365 Delegated Administration
The needs required by today’s complex IT environments that span multiple locations goes well beyond the intended capabilities of out of the box Microsoft 365 (M365).
Download this white paper to learn more about:
- Security challenges related to native M365
- How to delegate administration and access in M365
- The ROI of delegated administration
- And more
The 2021 Tidelift Open Source Maintainer Survey
In early 2021, Tidelift fielded its first-ever comprehensive survey of open source maintainers. Nearly 400 maintainers responded with thoughts about how they fund their work, what they enjoy about being a maintainer, what they don’t like so much, along with a host of other interesting insights.
Over the following pages, we’ll share nine of the most interesting findings with you.
Thinking Upstream About White House Cybersecurity Order 14028
A few months ago, the U.S. White House released cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.
Recent high profile breaches like the Colonial Pipeline ransomware attack or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.
Tidelift CEO and co-founder Donald Fischer shares his perspective on how the cybersecurity executive order impacts software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close in order to stay in compliance. And he’ll share a proactive approach to addressing open source software supply chain health and security upstream.
If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this briefing.
Cooking with Tidelift
When cooking for friends or family, many of us go out of the way to seek the freshest, tastiest ingredients possible. You may have favorite producers at the local farmers market, or brands from the grocery that you've come to know and trust. But when choosing the ingredients that make up our open source applications, we often bring in new libraries without any guarantees that they are safe and well maintained.
We wanted to distill the idea of managing open source down to something so simple, you could explain it to a child, so that’s why we wrote a children’s book about enterprise open source software management. Yes, we just used the phrases “children’s book” and “enterprise open source software” in the same sentence.
We call it Cooking with Tidelift, and it will show you how we can help you create catalogs of known-good, proactively maintained open source components to ensure your apps are as safe and healthy as they can be.
How Configuration Management Systems Deliver Change and Compliance
The fundamental capability which configuration management provides is backup and archiving of critical configuration data from network and server equipment. This along with collecting detailed inventory data provide the basis for managing change and compliance.
The ability to detect, report and alert on change in near real time improves overall service availability and reduces the time required to identify the cause of incidents and outages.
This paper is to help Network Engineers, IT Managers and Executive Leadership understand the benefits of configuration management and how it contributes to change and compliance management at the business.
Optimizing and Automating Event Management to Support Incident Management
Opie has just arrived in the office and sat down to check his email. “Holy moly!” He yells out. He is looking at a massive influx of email messages in his Inbox from the Event Management tool, which was just configured to send out the alert notifications via email. “There’s no way the operations team will be able to respond to all those notifications in an efficient and timely manner. There has to be a better way to handle and address network events.”
NMS Security Architecture Considerations & Approaches
The purpose of this article is to provide some practical guidance on securing Network Management systems and associated infrastructure. While it can’t make any guarantees of absolutely protecting from similar attacks in the future, implementing these approaches can make the job of an adversary significantly harder. It will also propose techniques for increasing the probability of detecting breaches, which should be a significant consideration within any security solution.
This article cannot provide exhaustive coverage. However, it will focus on delivering actionable guidance that will have a tangible impact in strengthening the Network Management’s security posture (and potentially other) Systems.
An IT Managers Guide to Network Process Automation
This guide is designed for IT Managers looking to implement Network Process Automation in their organisation. It discusses the best approach for change management and team buy-in, provides a methodology framework to use when considering the automation of a manual task in a network environment and the Tsteps to take in order to identify an effective test case for your organization.
Nextlink Takes Network Management to the Next Level with Opmantek
In 2019, Nextlink implemented solutions from Opmantek for its monitoring, management, data collection and other operational tasks across its network. One of the products Nextlink uses, an event manager that automates event handling through extendable policies that enrich, correlate, organize and manage all the events in Nextlink’s environment.
With opEvents, Nextlink can automate event diagnostics and leverage intelligent automation to remediate network events which has helped to streamline its workflow. Using process automation, opEvents, modelled by Nextlink’s troubleshooting procedure, automates the troubleshooting and remediation of events, reducing the mean time to resolution (MTTR) when faults occur.
The 2021 Tidelift open source maintainer survey
In early 2021, Tidelift fielded its first-ever comprehensive survey of open source maintainers. Nearly 400 maintainers responded with thoughts about how they fund their work, what they enjoy about being a maintainer, what they don’t like so much, along with a host of other interesting insights.
Over the following pages, we’ll share nine of the most interesting findings with you.