Design Before Coding: Kanban

The first post in this three-part series focused on gathering requirements before spending time coding.  While it is not necessary, I recommend that everyone read part 1 (Gathering Requirements).  Understanding and having clear “User Stories” outlining the intended purpose of a tool is crucial, especially as we move towards building our new tool.

Once our “User Stories” have been defined and agreed upon by all stakeholders, we then need to begin breaking them down into tasks.  There are many different methodologies that allow us to track these different tasks. Part 2 of this three-part series will focus on one of them; Kanban.

I use Kanban daily, both personally and professionally.  If you want to understand the principles of Kanban, then I recommend that you start with this Wikipedia page. No matter what methodology or process you use, having a consistent and repeatable utility is a must.

This post will go over using Kanban both digitally and manually, but first you must understand the general purpose of Kanban.  Tracking our work can be difficult, especially with the use of E-mail, Slack, Skype, Teams, Yammer, HipChat, etc. etc.  The constant communication that is available to us is overwhelming, but having a central location that you can organize your “To-Do’s” or tasks is necessary.  Not for our management or organizations tracking purposes, it is so that we can track exactly what we need to do next.


The theory of Kanban is to visually identify items that need to be worked on. Kanban allows you to understand what tasks need to be worked on, which ones are in-progress, and which ones are complete.  Using this information, we begin to identify any blockers or obstacles that may need to be fixed so that an item/task can move from “To Do” to “Done”.  This principle helps us identify our WIP (Work in Progress) so that the flow between “gates” or “hand-off points” is as smooth and controlled as possible.  Think of this like an assembly line:

Let’s say we have two workers in an assembly line.  The first person’s job is to paint a car door handle, the second person’s job is to install that door handle on a new car.  If the first person can paint 5 handles in 10 minutes, but the second person takes 10 minutes to install the handle; we have a problem.  This means that we either need to increase staff that install car door handles or maybe the same person should do both.

Understanding these blockers will help us identify gaps in our processes, or the lack of labor to accomplish our goals.  Visually displaying this information on a Kanban board is much easier to understand than a bunch of tasks lists or “tickets”.

There are many tools available for a digital Kanban board.  I have listed a few below that are both free and paid.  In my professional life, I use Jira’s Kanban feature.  In my personal life, I use both a whiteboard with post-it notes and built-in features of GitHub Projects (example):

If you just do a quick google search for “free Kanban tools” or go to and search for “Kanban” you will find many open source projects that you can host yourself.  If you don’t want to host it yourself, then check out  If you think a digital tool would work for you, you can even use Outlook (here or here) or Gmail to manage your tasks in the Kanban style.

I’m not sure about you, but I personally carry a leather-bound notebook (with DoanePaper) with me wherever I go.  Whether at work, out with friends, going to bed, etc., I always have my notebook.  In my opinion a digital tool is great, but I’m faster at writing things down on paper than I am opening an app.  Plus, I always have it with me.


Another option or addition is by using a whiteboard in your home or work office.  The first thing you do is draw some columns.  Typically, you have three different columns: To-Do, In-Progress, and Done.  Starting out you will have everything in your To-Do column.  As you begin a new task you move that sticky-note to the In-Progress column.  If that item gets blocked or cannot be completed, you should move it back to the To-Do column.  You should only have a few items In-Progress (ideally, you would only have one).  Once you have completed that task, you move it to the Done column.

That’s it! Kanban allows you to visually see tasks and progress you are making on your projects.  The manual process is great for a single person or a team that is in close quarters.  If you’re spread out or in a cubicle this may not work as well.  This is where having a platform like Jira or Trello really shines.  Especially for teams that are global or in different locations.

Kanban is powerful, yet extremely simple. Using a tool to manage your tasks so that you understand exactly what you, your team, and others are working on reduces potential re-work while also making sure that all tasks for a project are complete (and on-time).  The third post in this series I will take the concepts of both post one and two, and we will begin to breakdown our User Stories onto our Kanban board.  Remember, we have not started coding yet.  Next, we will design how our stakeholders may use our new tool.  Understanding this, will speed up our development time and reduce re-work.


Design Before Coding: Gathering Requirements

If you have worked in IT for any duration, I’m sure you have overheard or been asked to build a tool to complete X or Y. Creating tools with PowerShell is fun, but it can become daunting when you create a tool that does not meet its intended purpose.  Without understanding the full requirements, you may waste time and energy on developing a tool that no one will use.

Creating tools with PowerShell to automate a manual process or to help an internal stakeholder accomplish a desired result, typically does not need to turn into a large initiative with a Project Manager or Project Management Office (PMO). Being tasked with creating these tools usually comes in the form a short conversation or through an email.  Out of habit, we usually dive right into writing a script or function to solve the problem.  This approach can cause a lot of re-work or redesign of our tool once complete.  Even though we believe we understand all the requirements, it is better to have the stakeholder create a “Goal Statement” that defines the intended purpose of the tool.  The “Goal Statement” helps everyone involved understand when the initiative is done.

A “Goal Statement” does not need to be a large body of work, it can simply be a couple of sentences or paragraphs.  Personally, I take the Scrum/Kanban approach and use User Stories.

User Stories are typically designed in the following format (there are different styles, but in my experience this the simplest form):

As a <type of user>, I want <goal> so that I <receive benefit>.

Having a defined User Story reduces re-work and ensures that all stakeholders involved agree on the intended uses of this new tool.  Agreement on the intended results of this new initiative may not solve the problem completely, but it’s a great start!

At this point, we have not written any scripts, functions, modules, classes, etc.  You may want to dive right into writing a POC (Proof of Concept), but I recommend that you hold-off.  Once all stakeholders have agreed on our User Story, we should move to the design phase (Part 3 coming soon).

Let’s say that we work on a “Automation Team” in our organization that focuses on building tools to streamline processes for both IT and business teams.  We have been tasked with helping the organizations IT managers identify and verify that all Active Directory groups in our Forest have the correct owners associated with them.  As we start our requirements gathering phase, we ask all stakeholders to provide our team with agreed upon User Stories.  Our team receives the following:

As a manager, I want to know all Active Directory groups owned by myself so I can ensure that they are correct. 

As a manager, I want to know all Active Directory groups owned by my employees so that I can ensure that they should have access. 

As a manager, I want to know all Active Directory groups that do not have an owner but reside in my Active Directory OU so that I can assign the correct owner.

Now that we have our agreed upon User Stories, we can begin the next phase; designing the “look and feel” of our new tool based on the requirements we have been given.  Having a general idea of what our stakeholders are needing reduces our work effort, as well as setting clear expectations that are agreed upon.

Understanding why we need to gather requirements is the first step.  The next post in this series I will discuss how you can use Kanban, digitally and manually, to organize our tasks so that you or your team can keep track of the status/progress along the way.

The final post in this series, we will begin designing our code layout.  This will help us and our stakeholders understand what parameters need to be present, what objects should be accepted in the pipeline, what return objects should look like, and how the new tool will be used.

How I Work

I recently saw this project shared by Adam Bertram, and decided that some of you may be interested in how I work on a day to day.

If you’re not interested, well then why the hell are you here?  You can see others that have participated here:


Where are you located?

First of all, my name is Josh Rickard and I’m located in Columbia, Missouri.  It sounds lame, but really it’s a great little town.  The population of Columbia is around 100,000 (without students).  With that being said, we have about 5 College’s/Universities, so our population increases quite a bit when students are in town.

What is/are your current gig(s):

I currently work at home for PhishMe; if you’re not familiar, then check us out:  My position at PhishMe is currently “Manager, Reporter Solutions Engineering”.  I’m a new manager, but we do anything and everything to do with PhishMe Reporter products (email client plugin/add-in to reporter suspicious messages).  When I say everything, I mean everything from customer engagement, support, troubleshooting, development, etc.

What’s one word to describe your work?


What apps, software, or tools can’t you live without?

Without a doubt, PowerShell.  Besides that, the biggest in each category are:

  • Apps
    • Jira
    • Confluence
    • Slack (and
  • Software
  • Tools
    • Doane Notebook and a great pen
      • I know, I may be the only one but I still carry a pen and piece of paper daily.

What does your workspace look like? (Take a picture if you can)

So, since I work at home but workspace can get fairly messy but I try to keep it as clean as possible (even though my wife says I don’t :))

img_1350 img_1351 img_1352 img_1353

What’s a typical workweek look like?

Since PhishMe is based on the east coast, and I live in the Midwest, I typically work in eastern time.  I’m a new manager, so my typical workweek contains of lots of project work that ranges from documentation, to building new tools (using PowerShell mostly), automating processes, moving development forward, and making sure that all our customers needs have been met.

What do you like the best about your role?

The best thing about my position is the ability to experiment and come up with new solutions for problems affecting our customers as well as new products.  Besides that, I love my team.  I have 8 guys underneath me and working them has made me excited for the next work week.  We have a highly jelled team, which, as you may know is extremely rare.

What’s something about you that no one knows about?

Some of you may know this, some of you probably not, but I went to school late in life; I’ve only been in IT for 5 1/2 years.  So you can say I’m still learning the IT way. 🙂

What do you listen to while you work?

I LOVE MUSIC!!!!  Like, seriously LOVE IT! But when I work, I don’t listen to anything.  I can’t.  I’m a traditionalist and I love listening to the lyrics of music, but while I’m working I get too distracted if I try to listen to music.

What do you wish you could change about your work?

Now that I’m manager of my team, I find that I can’t focus on scripting/coding as much as I used to be able to.  I’ve really only been manager for about 3 months, so most of my time right now is focused on process improvement and making sure all our projects are moving forward.

Is there anything else you’d like to add that might be interesting to readers?

I decided to list out my career progression and some projects that I’ve worked on:

  • Helpdesk at a small college (9 months)
    • Managed Accounts
    • Ran TONS of network cable
    • Implemented wireless across small college campus (College capstone project)
  • System Support Analyst – Entry (14 months)
    • Worked at a larger University/Medical
    • Re-organized AD, GPOs, etc for over 3,000 users/pcs
    • Learned and implemented MDT for all 3,000 users/pcs
    • GCWN (SANS Certified Windows Security Administrator)
  • System Support Analyst – Specialist (5 Months)
    • Implemented MDT for another division within the University
    • Guided a lot of initiatives that are still used today
  • Security Analyst – Specialist (24 months)
    • Hired as part of the Incident Response and Digital Forensics team for the University
    • Managed cases/investigations/etc.
    • Implemented QualysGuard Vulnerability Management for over 5,000 servers
    • Implemented/Designed Kaspersky Endpoint Security administrative console for entire campus
    • Developed automation & defense tools for protection of University assets.
  • Solutions Engineer – PhishMe (9 Months)
    • Solutions Engineer responsible for advancing development and products
    • Responsible for (ongoing) new products and solutions
    • Automate EVERYTHING!
  • Manager, Reporter Solutions Engineering
    • Responsible for global support, engagement, development and automation tools to support our global customers with more than 5.5 Million endpoints installed globally.
    • 8 Employee’s
    • Product development, enhancements, and bug hunting.

Besides all of this, I am responsible for tons of projects which can be found on my GitHub:

PowerShell Phishing Response Toolkit (PPRT)

Yesterday I gave a talk at ShowMeCon in St. Louis regarding PPRT.  I also gave this talk at CircleCityCon, but had some technical issues. 🙂  I wanted to write this quick post to share out my PowerPoint Slides from this presentation.  If you have any questions about PPRT, please reach out via this blog or create an issue on my GitHub page:—PowerShell-Phishing-Response-Toolkit


Slides: PowerShell Phishing Response Toolkit

PowerShell & Qualys: Get Asset Group Info – Part 2

Today I decided to write another post regarding PowerShell and Qualys Vulnerability Management API.  This post will focus on gathering information about your enrolled Asset Groups.   You can find the complete script on GitHub:

We start of by opening up PowerShell ISE and using our handy “Snippet” shortcut:


We select the “Cmdlet (Advanced function) – complete” option in the “Snippet” context menu.  Once we have our advanced function template, we then proceed by entering a name for our Qualys Asset Group function.

Since we will be gathering some additional information about our Asset Groups, I am going to name my function:

function Get-QualysAssetGroupInformation

Next, we will start by filling out our “Help” info.  At this point, a lot of people skip this step; I HIGHLY recommend that you do not.  It will help you and anyone else viewing your code, understand what your intention was when writing this function.

Next, we start by looking at our advanced functions template within the body of this function.  The first thing you will see is some default parameters for [CmdletBinding].  With my function, I’m going to weed these parameters down a bit, as they are not really needed.  Your function should look something like this when complete:

function Get-QualysAssetGroupInformation
                  HelpUri = '',
        # Param1 help description
                   HelpMessage="Please provide a credential obejct")]


After we have the base of this function setup and ready to go, we will start off by adding some code into our Begin block.  Remember, the Begin block will always run once for every call to the function.

	$results = @()
	$assetGroupInfo = @()
        [xml]$assetGroupInfo = Invoke-RestMethod -Uri "" -Credential $credential

Here I am setting my $assetGroupInfo and a $results variable as empty array’s/hash-table’s. Next, I’m casting my $assetGroupInfo variable as an XML object. This ensures that we receive XML from Invoke-RestMethod Cmdlet.

If we want to make sure that any errors are caught, we should add a Try/Catch block to our Invoke-RestMethod call. Your code should look like this:

        $results = @()
        $assetGroupInfo = @()

            [xml]$assetGroupInfo = Invoke-RestMethod -Uri "" -Credential $credential
            Write-Debug "Error using Invoke-RestMethod: $_"

Now we move to the Process block. This is where we will be parsing our data into our objects. As I mentioned above, we are wanting to gather all our Asset Groups Titles, their assigned IP Addresses, their role, and the users login ID. To do this, we must loop through each item, or branch returned by our query above. Each $item can be considered as an Asset Group. Additionally, we need to loop through each of the users assigned to that Asset Group.

Once we have that data, we want to create a Custom PSObject to hold all of this data. Your code should look like this:

	foreach ($item in $assetGroupInfo.SelectNodes("/ASSET_GROUP_LIST/ASSET_GROUP"))
		for ($u=0; $u -lt $($item.ASSIGNED_USERS.ASSIGNED_USER.LOGIN).count;$u++)
			$tempAssetGroupInfo = @()
                                $props = @{
			$tempAssetGroupInfo = New-Object PSObject -Property $props
                                $results += $tempAssetGroupInfo

Now, we can either simply put the following line in our End block:

return $results

But, I actually like it to be saved into an XML file. This means that I can use this data with other functions without having to call Qualys again. To be quite frank, as you may know, Qualys is not the fastest website/service out there. Don’t get me wrong, the scanning engines are fast, but their database(s) – not so much.

To return both the object and export the results to an XML, we can just add this one line of code:

Export-Clixml -Path "$env:USERPROFILE\Desktop\QualysData\assetgroupinfo.xml" -InputObject $results

That’s it. We now have a function that can return some details about our Asset Groups within Qualys. Next time, I will focus on creating a function that gathers our enrolled IP Addresses, split’s them into a single list.

Hint: Qualys loves IP ranges ( and their API calls return it the same way. 🙂