Join our exclusive webinar - "Unlocking Urban Mobility: The Mobility as a Service (MaaS) Revolution" on September 20, 2023! Register now.

Month: April 2018

Will Water Companies always supply and treat Water?

Posted on by admin

Will Water Companies always supply and treat Water? Will they evolve to do more than this? Or will other companies enter their market?

With the inexorable transition to more people living in large cities and conurbations, there will need to be an accompanying high concentration of basic utility infrastructure, including water, gas, electricity, broadband and mobile services. In most cases the cost of delivering these services per capita will fall as they become more localised, with denser but smaller infrastructure lengths requiring less pipe or cable compared to the distributed systems required today to support more geographically dispersed customers.

But what about those people who either choose to (or have to) remain in more suburban or rural areas, where the population density will be reduced? Currently there is a universal service obligation in many countries, an example of this being the price of a stamp to post a letter is the same irrespective of the dispatch or ultimate delivery location within a country.

While the price paid by the consumer for using a utility’s service varies a little depending on the utility supplier and tariff selected, the price for starting a utility’s service (any connection fee) and the tariff selected is fixed for each of the supplier’s customers even though the cost for the “delivery network operator” that provides the basic commodity or service on behalf of the utility firm can vary considerably. Those variations are based on differences in the point of supply, distance from the point of production, age of the delivery infrastructure, raw production costs, and other related factors. A similar model exists in apparel retail, where the price of an item is commonly the same, whether it’s a Small, Large or XXL size – although this is changing in some cases to reflect the substantially different quantity and strength of material required. Similar gaps are appearing and widening in the cost for sending parcels rather than just letters.

In the future, will the majority of people who live in cities object to subsidising (through higher prices) the provision of a universal service to people who live in less populous areas? How can service providers address this imbalance to make it seem fairer?

One option is through more micro-supply or micro-generation propositions in the thinly populated areas. This is already evident in the energy sector, where rural properties have the space for significant Photovoltaic solar energy production which isn’t the case for a thousand people living in a large high-rise apartment complex of the future with a small roof space.

Is there a parallel debate to be had for the supply of water?

Currently water utilities supply clean potable water for consumption, cooking, washing and bathing, and treat dirty waste water including sewage.

Clean water is supplied from several sources, such as rivers – now only permitted in extreme conditions to prevent them from drying up, reservoirs – some of which have disappeared, deep water aquifers – many of which are subject to climatic change, and other flavours of water supply. In the UK more rain falls in the west and north, but there are no large pipelines to supply water from these areas to the less wet south-east which has a higher water demand.

White goods manufacturers are constantly reducing the amount of water required to wash clothes and dishes, and bathroom equipment manufacturers are reducing the flow of water through showerheads, but we still see that water demand is steadily increasing with population growth.

There has been some effort by water companies to encourage rainwater harvesting and a reduction in the use of clean water for sewage, such as “Hippo” bags in cisterns – but this has had limited effect on the demand side to date. Something will have to change.

In the future, water companies may find that enabling customers with properties in less populous areas to collect and purify rainwater with new technology may be more cost-effective than having to maintain and replace lengthy and antiquated delivery infrastructure in order to meet ever increasing leakage, purity and other targets set by the regulator.

While the argument for rainwater harvesting is proven to an extent, the idea of localised treatment of wastewater is a lot less palatable. Technology may arrive at the point where complete treatment, recovery of “grey” water (for use in cisterns, washing of cars, watering the garden) and disposal of dried waste product, may be achievable in a much smaller space than is required today. What seems likely is that a number of smaller more-localised waste water treatment plants may be established, as even in the future the more advanced equipment required to perform this kind of small-scale treatment is likely to need more space than might be acceptable in a single property’s plot of land. This would ensure a consistent level of water purity and a single collection point for solid waste removal, which is often used today as a fertiliser.

Most water companies are used to complying with demands from the regulator. In recent years these demands have changed to cover service incentive mechanisms designed to improve customer experience, and minimum leakage targets to reduce waste in the supply of clean water.

Few water companies are currently expecting their business model to change dramatically. If the regulator ever allows for a non-universal service obligation, they expect to vary their pricing for connection and utilisation based on the supply location. However there is the potential for change if a significant number of their customers start to self-serve, either individually or as a local community. Should this happen it will encourage a wave of more nimble innovators to offer alternatives who will become competitors to the incumbent water companies. This move towards localised production is expected to happen in the energy utility sector, and some of the technology being designed for that purpose could be applicable to water. A series of smart water grids and localised supply and treatment capabilities can’t be far away.

At Ness we are always looking at disruption across industries, and challenging the status quo to help clients envisage a pathway to transforming their business.

Knowledge18

Posted on by admin

Join Linium, a Ness Digital Engineering Company, at the ServiceNow Knowledge18 conference taking place at the Venetian Hotel in Las Vegas, Nevada, May 7-10. Knowledge18 brings a new chance to hone your skills and take advantage of the innovations impacting your industry. Join us on the fast track to transformation – for you, your business and the future of your work!

read more »

Web Application Security Scanners

Posted on by admin

The more popular your web site or application, the more hackers there are out there who are keen to hack it. To protect your site, you’ll need to perform security testing. This article will describe the two leading approaches to testing web security: application security scanners, which perform black box testing, and source security scanners, which inspect the web application’s source code for vulnerabilities.

Application Security Scanners

  • An Application security scanner is a software program which performs automatic black box testing on a web application and identifies security vulnerabilities. Application security scanners do not access the source code; they only perform functional testing and try to find security vulnerabilities.
  • The Security scanner improves security for web applications and computer networks, by providing auditing and protection from threats and malware.
  • A scanner simulates a malicious user by attacking and probing, identifying results which are not part of the expected result set. As a dynamic testing tool, a web scanner is language independent. A web application scanner is able to scan engine-driven web applications.
  • Attackers could theoretically test their attacks against popular scanning tools to find holes in the scanning tools’ security coverage. So, many of the tools described here can be vulnerable against competent and broad-targeting attackers.
  • There are many commercial and Open Source security scanners available in the market which perform a deep binary analysis to protect your applications against threats and attacks.
  • Here are some popular application security scanners:
    1. OWASP ZAP (https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project)
      The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pen testers to use for manual security testing.
    2. Arachni (http://www.arachni-scanner.com/)
      Arachni is an open source application security scanner which runs as a separate service and provides a web interface to run / schedule the security scans. It generates a report with vulnerabilities and information about best practices to fix them.
    3. HP WebInspect (http://sectools.org/tool/webinspect/)
      WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer. It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal and more. It was produced by Spidynamics, which is now part of HP.
    4. Veracode (https://www.veracode.com/)
      CA Veracode’s unified platform assesses and improves the security of applications from inception through production so that businesses can confidently innovate with the web and mobile applications they build, buy and assemble, as well as the components they integrate into their environments. It is a commercially licensed tool.
    5. SonarQube + OWASP plug-in (https://www.sonarqube.org/)
      The OWASP SonarQube project aims to provide open source SAST (Static Application Security Testing) using existing open source solutions. SonarQube is one of the world’s most popular continuous code quality tools and it is actively used by many developers and companies.
    6. WhiteSource (https://www.whitesourcesoftware.com/)
      WhiteSource integrates fully into your build process, no matter your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource’s constantly-updated definitive database of open source repositories.
    7. BlackDuck (https://www.blackducksoftware.com/)
      BlackDuck helps security and development teams identify and mitigate Open Source security risks across application portfolios.

    Source Security Scanners

    • Source security scanners examine the source code to detect issues or vulnerabilities in code or API’s, helping the developer write error-free code. Based on static, web or cloud-based applications, many tools are available in the market to check and scan the code to protect the application from vulnerability.

    Here are a few popular source security scanners.

    • Checkmarx (https://info.checkmarx.com/)
      Checkmarx is among the most powerful static source code analysis tools available today. It provides Visual Studio and Eclipse plugins for developers to run private scans.
    • OWASP Dependency Check (https://www.owasp.org/index.php/OWASP_Dependency_Check)
      Dependency Check is a utility that identifies project dependencies and checks whether there are any known, publicly disclosed vulnerabilities. Currently Java and .NET are supported; additional experimental support has been added for Ruby, Node.js, Python, and limited support for C/C++ build systems.
    • Fortify Static Code Analysis (https://software.microfocus.com/en-us/products/static-code-analysis-sast/overview)
      Fortify Static Code Analyzer reduces software risk by identifying security vulnerabilities that pose the biggest threats to your organization. It pinpoints the root cause of the vulnerability, correlates and prioritizes results, and provides best practices so developers can develop code more securely.

Is a Faster Web on the Horizon With WebAssembly?

Posted on by admin

In a new article for CMSWire, Daniel Masarik, development lead at Ness Digital Engineering, discusses the advantages of using the new, portable binary format WebAssembly. Resembling an assembly language for the web, this tool is being designed as an open standard by a W3C community group that includes representatives from tech giants Mozilla, Microsoft, Google and Apple. As Daniel writes, given the support it has from global players and its interoperability with the existing web ecosystem, WebAssembly is a technology that deserves to be taken seriously.

read more »

Ness Digital Engineering Completes Acquisition of Linium

Posted on by admin

TEANECK, NJ – April 3, 2018 Ness Digital Engineering, a portfolio company of The Rohatyn Group (TRG), has completed its acquisition of Linium, LLC, a digital business, engineering, experience and transformation consultancy. Ness Digital Engineering, a global company committed to helping its clients deliver dynamic customer interactions and business operations platforms, announced the definitive agreement to purchase Linium on March 14, 2018.

The acquisition gives Ness Digital Engineering expanded capabilities in delivering end-to-end digital enablement, while Linium can now offer its clients a wider range of digital platform development, customization and management services that complement its expertise. Linium maintains its name but is now a company of Ness Digital Engineering.

About Linium

Linium is a digital business, engineering, experience and transformational consultancy. A globally recognized firm, Linium delivers cloud-based enterprise platforms and solutions that position companies to achieve scale, drive growth and enable modernization. Linium has delivered 2,700+ successful engagements across an array of industries for over 17 years. Headquartered in Albany, NY, Linium has dedicated teams focused on the commercial sectors, federal government, and managed service providers (MSPs). Named to the Inc. 5000 list of the nation’s fastest-growing private companies for six consecutive years, Linium enables a blue-chip roster of clients, including 30 percent of the Fortune 100 companies, to achieve operational efficiencies through digital transformation and automation.

About Ness Digital Engineering

Ness Digital Engineering designs, builds, and integrates digital platforms and enterprise software that help organizations engage customers, differentiate their brands, and drive profitable growth. Our customer experience designers, software engineers, data experts, and business consultants partner with clients to develop roadmaps that identify ongoing opportunities to increase the value of their digital solutions and enterprise systems. Through agile development of minimum viable products (MVPs), our clients can test new ideas in the market and continually adapt to changing business conditions—giving our clients the leverage to lead market disruption in their industries and compete more effectively to grow their business. For more information, visit ness.com.

About TRG

Founded in 2002, The Rohatyn Group is an emerging markets asset management firm headquartered in New York, with offices around the globe including, Singapore, Seoul, London, Buenos Aires, Lima, Montevideo, Mexico City, São Paulo, Mumbai, New Delhi, Boston and Rotorua. For more information, please visit www.rohatyngroup.com.

Media Contacts

Vivek Kangath
Senior Global Manager – Corporate Communications
Ness Digital Engineering
Mobile: +91 9742565583 | Tel: +91 80 41961000 | DID: +91 80 41961027

Amy Legere
Greenough
alegere@greenough.biz
617.275.6517

test