Embracing a security-first DevSecOps model
About the company
A U.S.–based cybersecurity service provider that offers brand and customer protection solutions globally.
Challenge
A provider of an adaptive, intelligent, real-time threat protection service experienced a dramatic increase in demand for its product, a comprehensive, configurable platform with advanced phishing attack monitoring, targeted data sources and threat analysis. As a result, the company experienced rapid growth and recurring requests for additional features. Automating infrastructure creation, application deployments, quality control and monitoring had become critical to scale the platform, increase reliability and enable product innovation.
The service provider was looking for a technology partner to help it establish an industry standard DevSecOps practice and build and deploy pipelines to automate its manual processes, increase reliability and enhance its competitive market advantage.
What we did
- DevSecOps
- Continuous integration/continuous delivery (CI/CD) pipeline service
- Infrastructure as Code (IaC)
- Performance testing
- Architecture review
- Cloud operations and monitoring
Solution
Our team of DevSecOps practice leads, cloud practitioners, solution architects and engineers designed an IaC pipeline and delivered the following services:
- Assessed existing DevSecOps practices and architecture
- Served as a trusted cloud advisor for DevSecOps infrastructure, application architecture and design
- Built a reusable, standard Jenkins toolchain to build and deploy infrastructure and applications across the enterprise
- Designed a pluggable, dynamic, observable, reusable and modular CI/CD pipeline using Jenkins, Python, Artifactory, Docker and Terraform
- Designed and developed Jenkins Pipelines to deploy Amazon Web Services (AWS) services and components, including AWS managed Kafka, AWS Elastic Container Service, AWS Elastic Container Registry, AWS ElastiCache, AWS Application Programming Interface Gateway, AWS Elastic File System and AWS Application Load Balancer/Elastic Load Balancer
- Designed and developed Terraform templates to automate and provision infrastructure components
- Automated code build and tagging with devpi-server and containerization
- Deployed cloud and cloud-native applications to multiple deployment targets using CI/CD pipeline services
- Designed and developed automated pipelines for database deployments to AWS Aurora using Flyway
- Set up application monitoring using Elastic, Splunk and AWS CloudWatch
Results and outcomes
With the successful implementation of a CI/CD pipeline and delivery of IaC, the company realized the following outcomes and benefits:
100%
process automation
10X
faster deployments
100%
provisioning of rightsized cloud
Business benefits
- Rapid delivery of product capabilities via 100% process automation
- Improved reliability by reducing the provisioning of manual infrastructure
- Optimized cloud costs by enhancing the ability to analyze and provision right-sized scalable cloud components
- Faster turnaround time to set up new environments to build proof of concepts for new business opportunities
Technical benefits
- Enabled continuous software delivery with rapid iterations
- 10x productivity boost in build and deploy efficiency
- Provisioned homogeneous environments in accordance with enterprise cloud governance
- Improved code quality and performance
- Eliminated ad hoc changes to infrastructure