Program Structure and Processes for Agile Development ............................................. 15 7 Planning ......................................................................................... to decompose. Users welcome iterative development User Timelines Operational environment does not7 Consider Agile Practices Assessment Areas Consider Traditional Practices and require frequent program, which has the Government program office, the contractor and end-users all located within a 7-mile radius. This close physical proximity has enabled the ISPAN’s development team’s adoption of an

[jboss 7.x 改名为 wildfly] 控制台弱⼝令,部署webshell Tomcat CVE-2016-8735 CVE-2017-12615 [ readonly 实际设为 true的情况较少,稍鸡肋 ] CVE-2020-1938 [ AJP协议漏洞, 直接把8009端⼝暴露在外⽹的不太多,稍鸡肋 ] 控制台弱⼝令,部署webshelll [ 注: 7.x版本后,默认加了防爆机制 针对不同⾏业⼀般也都会事先准备好各种各样的针对性的发信话术模板,以此来提到实际发信成功率 ] ...... 典型投递⽅式 第⼀种,直接给⽬标发送各种常规⽊⻢信 传统宏利⽤ 捆绑 exe[zip,7z] lnk chm ⾃解压 ⽊⻢链接 OLE CVE-2017-11882 [ 利⽤漏洞触发 ] ... 第⼆种,给⽬标发送各种钓⻥链接,⽐如, 利⽤各种⽬标登录⼝的钓⻥⻚⾯来窃取各种内⽹账号密码 Windows 系统漏洞 本地提权 [成功的前提是 保证事先已做好各种针对性免杀] Windows 系统漏洞 本地提权 [成功的前提是, 保证事先已做好各种针对性免杀] BypassUAC [ win7 / 8 / 8.1 / 10 ] MS14-058[KB3000061] [重点] MS14-068[KB3011780] [重点] ms15-051[KB3045171]

short lead times was small batch sizes of work b. Agile, Continuous Delivery, and the Three Ways 7 c. The First Way: The Principles of Flow 15 i. MAKE OUR WORK VISIBLE 1. A significant difference next step? g. What is your expected outcome? h. When can we check? 6. PART II—WHERE TO START 47 7. Ch. 5 Selecting Which Value Stream to Start With 51 a. GREENFIELD vs BROWNFIELD SERVICES i. DevOps anthropologists describe tools as a cultural artifact iii. Create shared backlogs and reporting 9. Ch. 7 How to design Our Organization and Architecture with Conway’s Law in Mind a. “Organizations which design

injections or threats 6. Resources (RAM, disk, CPU, bandwidth, and others with hard or soft limits) 7. Health & availability 8. Startups & shutdowns 9. Faults & errors 10. Circuit breaker trips 11. Delays feature will achieve desired outcomes. 3. Repeat iii. Intuit’s rampant innovation culture – went from 7 experiments/year to 165 experiments during the 3 month US tax season in 2010 with website conversion

reference data 4. Containers 5. Automated tests 6. Project artifacts – documentation, procedures, etc. 7. Application configuration files 8. This also includes pre-production and build processes 9. Tools production servers 5. Restarting VMs, containers, applications, etc. 6. Generating configuration files 7. Run automated smoke tests 8. Running test procedures 9. Scripting & automating DB migrations iii

References:  scaledagileframework.com  SAFe in 7 minutes - https://www.youtube.com/watch?v=RXzurBazN-I Scaled Agile Framework (SAFe): Dean Leffingwell - Agile Software Requirements: Lean Requirements

NDIA's Agile in Government Summit 6/6/2018-6/7/2018. Keynotes: Major General Sarah Zabel http://www.ndia.org/events/2018/6/6/agile-in-government/proceedings Agile and EVMS They Can Co-exist! ( per

Technique, Daniel Hinojosa, https://docs.google.com/presentation/d/1ufjcILARuowbv3Y9r-FP9-x3kmlIzq7bvOJBxRVh3-w/ present#slide=id.i0 [3] Flow: The Psychology of Optimal Experience, Mihaly Csikszentmihalyi