Application Security Testing: An Integral Part of DevOps
It is good to be back from Tech Ed. I actually go a couple of days early for meeting with additional groups such as INETA and the Microsoft MVP program group.
In all the meetings and time spent at Tech Ed this year, one thing became obvious. We are in a 'catch up' period. There has been a ton of news and products coming out of Microsoft over the past few years, including Visual Studio 2005, SQL Server 2005, Windows Vista, and .NET 3.0 with its WPF, WCF, WF, and Cardspace. There also have been technologies such as AJAX and a Silverlight beta getting lots of coverage. On top of all this, Microsoft has been beating the drum on Visual Studio "Orcas" and its new LINQ data features as well as on new versions of SQL Server ("Katmai") and Windows Server ("Longhorn"). It is an understatement to say that the days are busy at Microsoft.
With all the cool products in the pipeline, you'd think there would be grand announcements and loud bands playing at Tech Ed. This is, after all, the big show for IT people. It is where Microsoft can make big noise and build the excitement.
Of course, this seems to be a reflection of Tech Eds past.
In one of the most subdued Tech Eds that I can recall, there were no bands before the keynote, no cheering sections, and no real comedians. They did have Christopher Lloyd as "Doc" from Back to the Future. Unfortunately, even the Delorian seemed to have a slow time at rolling onto the stage. Not even Microsoft's Bob Muglia was able to bring the excitement to the stage. Maybe if Steve Ballmer had shown up to yell "IT, IT, IT" it would have gone better.
The Keynote was not without some substance. Granted, there was a lot said that was lacking. Bob Muglia stated he wouldn't talk about "Vision" because that tends to be inapplicable for today's needs. Of course, he did talk Vision. Christopher Lloyd was to interrupt when such "vision talk" happened; however, I think he fell asleep behind the stage because he seemed to have missed the cues.
The "big" topic of the keynote was "Dynamic IT". In a keynote where they talk about things like Microsoft Bob, Clippy, and Hailstorm, you can quickly assess the value of the newest buzz term "Dynamic IT". It can go into the bucket with Microsoft DNA and many other worthless jargon terms. This is not to discredit the concept of a dynamic IT group, but rather to state that this seems to be a naming of the obvious.
There were chances for the keynote to boom out cool information. New names were announced for Visual Studio "Orcas" and SQL Server "Katmai" as well as for Windows Server "Longhorn." With Visual Studio and Windows Server promised for later this year and SQL Server expected in 2008, these were the products to be heralded onto the stage and given great fanfare. These were the products to have their names announced to the media and to the world at large. These were products tob&.
It seems that Microsoft may have realized that a drum roll, confetti machines, or even a band playing could not help to add excitement to the announcement of the names of these products. As you've likely read, each was named as 2008: Visual Studio 2008, SQL Server 2008, and Windows Server 2008. Can you feel the excitement permeating from those names?
Although I am giving Microsoft some grief about the Tech Ed keynote, let me clarify one thing. These products actually are worthy of excitement. Each brings some new functionality and features that will be of value to each of us. We've had a number of articles on LINQ on Codeguru already. Additionally, updates to the IDE are going to make doing AJAX and other coding features easier. SQL Server 2008 and Windows Server 2008 are also bringing new features that we will talk about in later newsletters. These are products that are bringing more to the market, so they are worthy of more excitement than Microsoft gave them.
Microsoft touched on some smaller items in the Tech Ed keynote as well — items worthy of some attention. One item is "Server Core." In brief, Windows Server 2008 allows you to install just the components of the operating system you want. If you just want to run a Web Server, you need IIS and a few other things — you don't need the entire server. "Core" lets you install just what you need or want.
Other interesting things coming with Windows Server 2008 include the Virtual Machine Manager and Quick migration. These provide functionality for converting VMWare VMs to Windows and functionality for moving VMs from one machine or location to another. With the increased usage of VMs, these tools are worthy of a bit of excitement (unless you work for VMWare).
As a developer, one thing that I noticed that wasn't announced in the keynote is a new edition of Visual Studio. In 2008, there will be an additional edition called Visual Studio 2008 Shell. This edition will allow you to freely extend Visual Studio. This has been done in the past to add additional languages to Visual Studio. It has also been used fto include add-ins within Visual Studio. In addition to the extending, you also can use parts of the Shell functionality to create your own product. This "isolated mode" usage allows you to use parts of the IDE and extend them into your own tools or products. For example, you could use the code editor to create your own editing tool. Microsoft stated that such isolated mode usages can even be done royalty free.
In a lot of ways, the use of Visual Studio Shell is similar to the Eclipse framework. A number of companies have already started looking into the use of this new approach. For example, Brian Feldman, CTO of GrafX Software, stated that the company made the decision to use Visual Studio Shell so that they could focus on creating the features specific to their tool rather than focusing on building an IDE. Additionally, the familiar user interface gives heir customers the ability to use existing skills.
Other things mentioned in the keynote were more details on SQL Server, a very brief demo of Silverlight, and SaaS. One of the biggest tidbits I noted was that the Xandros Linux distribution has also signed an agreement with Microsoft. This means people can't be mad at just Novell any longer!
In addition to the products I've mentioned, Microsoft also commented on a number of other products that have recently been released or that are due out over the next year. It was clear the Microsoft has been very busy. What wasn't clear was whether they were taking time to be excited about all of it!