Helped a Technology Security Giant Secure funding of $12 Million by Improving the Platform’s Security Posture & Integration Capabilities

Our client wanted to rapidly expand their engineering team to build a Security Tools Integration platform, streamline Project Management integrations, and ensure continuous platform compliance. We identified three key tools that needed to be developed to improve the application's security posture and ensure compliance.

• Security Tools Integration Platform - We decided to build this platform to collect information from 150+ security tools like AWS Security Hub, Buildkite, Clayton, Drone, freshservice, Gitlab, and Google Cloud. The platform would collect data at different times, either periodically, instantly, or on request. Further, the data would be presented in a standard format to analyze easily, compare, identify, and remove duplicate data entries.
• Project Management Tools Integration - The client wanted to gather data on security incidents from Jira, ServiceNow, AzureBoard, and other similar systems and create tickets for them on a single dashboard. This will enable real-time monitoring of potential security incidents. We decided to integrate the client’s platform with other systems to deal with security vulnerabilities by tracking progress, and a timeline for issue resolution.
• Continuous Compliance Platform - The client wanted the platform to stay compliant with regulations such as SOC-2 and HiPPA. We decided to build this tool to evaluate the system for vulnerabilities, run compliance checks, and identify room for improvement.

The customer approached us owing to our extensive experience in the security space. They were impressed with our demonstrated technical aptitude in platform integration projects across multiple tools and hands-on experience with major regulations such as PCI DSS, HIPAA, SOC 2,  TISAX, ISO 27001, GDPR, FEDRAMP, and ASVS.

Our highly skilled team of Tech leads, Backend Developers, DevOps engineers, and DevOps Developers took up the challenge of developing these first-of-its-kind platforms. Throughout the project, our team adhered to tight timelines and ensured that no delays occurred.

After in-depth brainstorming, we came up with the plan of architecting two different platforms and the Project Management tools integration in parallel.

Building the Security Tools Integration Platform

• We understood the diverse security tools and outlined common interfaces that will parse data from these tools and store them in a standard format.
• Post that, we made the data provide functionality for deduplication and mitigation of the vulnerabilities. This particular component was known as Parser.
• As the next step, we added all the common interfaces to pull the data from different tools using APIs provided by the tool.
• After having the data, we pushed that to the Parser components for further processing and added a time-based scheduling component to these tools that varied based on the customer's needs, which we named the scheduler.
• As we integrated different tools, Scheduler helped us swiftly overcome the challenges in handling data such as network failures, rate limits, large data volumes, and incremental updates.
• We then had the base components ready. Post this we worked on improving the platform by enriching data from various security tools, adding developer information to vulnerabilities, incorporating extra information based on CVSS values, offering SLAs, and more.
• While making the enhancements, we added Bi-direction sync between vulnerabilities pulled and managed in the client’s platform tool. This helped synchronize the platform's status /severity /comments to the security tool and vice-versa.
• We then added support for webhook-based integrations to the security tools that helped us further optimize our implementation.

Integration of Ticketing Systems

• Our client aimed to provide their customers with vulnerability resolution tracking, including triaging/fixing/resolution.
• We integrated the client’s ticketing system with Jira and enabled users to create and track Jira tickets from the platform. If there were any modifications in Jira those were reflected in the platform.
• We extended our ticketing system integration to similar tools like ServiceNow/AzureBoard/PagerDuty/MSTeams/ShortCut/FreshService/Gitlab Issues.
• We then added bi-directional sync between the platform and customer ticketing system like automatically closing/reopening tickets based on vulnerability data. This enabled the auto-creation of tickets based on certain user-defined rules and provided support for webhooks with real-time status updates.
• We also built an application for Jira that enabled visibility to all the vulnerability information in Jira itself and helped manage the vulnerability life cycle seamlessly.

Building the Continuous Compliance Platform

• Our client wanted to build continuous compliance as an offering of the platform. We already had the vulnerability data from their customers, we had to map these vulnerabilities to different compliances and automate them.
• Our team had a solid grasp of multiple compliances like HIPAA/ASVS/ISO and how to create common structures around them.
• We then started mapping different compliance rules to find attributes like CWE/CVE, and we soon had an initial set of mapping and common data structures.
• We then built an initial version of a compliance platform that evaluated data approaching from multiple tools against compliance rules and started flagging compliance failures.
• We built a dashboard for reporting compliance failures, allowing users to compare reports and customize compliance policies based on their needs, including ignoring specific rules or violations.
• The platform ensured continuous compliance by alerting the customers when specific compliance rules were breached. These alerts were triggered as soon as the vulnerability information was pulled using the tools integrated.

We are currently assisting our client in integrating other multiple tools, enabling swift releases of new features, and ensuring compliance with industry standards. With our expertise in DevOps, we are also helping client in managing their DevOps processes using technologies like Jenkins, Terraform, and AWS. This has enabled increased collaboration between development and operations teams for faster and more efficient software development cycles.

Tech Stacks used to build the Platforms

• Spring Boot - Used for the base framework for RestAPI/Dependency injection
• Spring Security - Application Security
• Spring Data - Used for interacting with different Storage layers like RDBMS/Redis/ElasticSearch
• ElasticSearch - Primary storage for storing vulnerability data.
• Kafka  - Async communication platform
• AmazonS3 - Used for storing raw vulnerability data that is exported from various tools and also used for backing up the historical reports
• SQS - Primarily used as a queue for AWS event bridge and S3 update events
• AWS Events Bridge- Scheduling related requirements (deprecated)
• MySQL (aws aurora) - Used for primary storage for relational metadata like user/project/organizations etc
• Jenkins - CI/CD
• Terraform  - Automation of AWS infrastructure creation/deployment
• AWS  - Cloud provider for application deployment
• Quartz - Application scheduling and job management