As an IBM-recognized leader in cyber threat management, Encode not only takes care of its clients’ security but also follows strict security controls when cooperating with external vendors. For this reason, all code development, debugging, and testing from our end was performed on a remote workstation.
The bulk of our development effort went into refactoring and switching to Elasticsearch as the main data storage instead of MySQL + Splunk. The difficulty was that we had to translate the business logic and the complex algorithms for calculating metrics so that they would work with the new database. This quite often complicated the implementation, since part of the required dataset could still be stored in MySQL. Another hindrance was that data aggregation in Elasticsearch might not be implemented in the same way, so we had to look for alternative solutions.
We also had to use only the latest version of Elasticsearch and contribute to the official Python libraries (a bucket sort aggregation patch, a fix for generating the Swagger specification, a resource grouping fix), which struggled to fully support the new functionality as quickly as we needed.
Another deliverable we shipped is the system’s Audit Log. It is a crucial piece of the platform’s functionality, especially from a cybersecurity standpoint. By providing records of all activity, including suspicious activity, the Audit Log helps detect vulnerabilities before advanced persistent threats are put in place, track malicious activity, and enhance overall security.
The new version we were working on also called for an upgrade in how Encode provides its services to clients. For that, we designed and implemented a multitenant architecture. In the previous version, each client had to be supplied with its own instance of the application. In the new version, all clients can be served by a single instance with complete data isolation. This greatly simplifies delivery and regular updates to the product’s latest version and significantly reduces infrastructure costs.
One more must-have feature we implemented is a role-based access control system (RBAC). It provides more flexibility in the selective management of access to resources. Moreover, RBAC allows Encode to improve operational efficiency, enhance compliance, optimize resource use, and decrease the risk of data breaches and leakage.
We also reworked and improved the app configuration module.
Lastly, we updated and expanded all the available unit tests and introduced integration testing. Products like Enorasys require double the amount of testing, so we made sure QA can be performed at a decent level.