Discovery phase for Counter Tools

Project overview

Counter Tools has worked with a web and mobile development team to deliver a software solution to California’s Department of Justice for the past few years. As of 2022, the project is in its maintenance period. The major near-term app-level enhancement would automate the resolution of data merge conflicts, which currently requires human involvement. The California Department of Justice wants to improve the throughput and capacity of the built solution. In addition, the solution has to be compliant with the security protocols. The key needs for the Counter Tools SaaS product lines include app-level feature enhancements; a Django web framework upgrade; Cloud Controls Matrix protocol review and adoption where applicable; a review of SaaS availability, uptime, and reporting procedures; and penetration tests and an ethical hacking methodology process.

Client information

Counter Tools is a US-based non-profit company and software tools provider that assists public health organizations in pursuing policy, systems, and environmental interventions that create healthier retail stores and neighborhoods. The company empowers communities to become healthier by helping public health practitioners and community members collect data on their local retailers, visualize disparities using maps, and mobilize for policy change.

Team composition

5 members

Client name

Counter Tools

Expertise used

Cloud solutions

Duration

1 month

Services provided

Discovery phase, Software audit, DevOps, Manual testing

Country

United States of America

Industry

Government

Business challenge

Counter Tools is committed to ensuring customer data integrity and security. The company needed software security testing specialists to carry out penetration testing, so the Counter Tools team asked us to help them prepare for it.

Technical challenges

This project needed high-level specialists in business analysis, software architecture, DevOps, and security engineering. We had to figure out how Counter Tools’ frontend and backend worked in order to recommend the right software testing strategy. We conducted a discovery phase and provided our findings to the client.

Solution delivered

During the discovery phase, DICEUS reviewed and assessed Counter Tools’ documentation, source code, and DevOps, DevSecOps, and QA strategies and processes. As a result, we delivered a discovery phase report that included a gap analysis and all the findings. It consisted of the research objects, a code review summary, a CI/CD process analysis, a BA summary, and recommendations. In addition, the functional specification, user story templates, and possible enhancements were presented. The other part of the project’s deliverables comprised recommendations on the security certification plan, high-level security recommendations for penetration testing, an SoW for security consulting, a gap analysis, and an AWS Cloud security assessment.

 

Key features

Code review summary

Our team performed a front-end and back-end code review, also referred to as a software audit. As a result, the client received our recommendations on enhancements, SDLC best practices, test coverage, static code analysis, and automated code review tools.

Requirements formalization

As part of our involvement in the project, we defined and proposed an approach to requirements approval by the customer, set a level of requirements abstraction, and explained how to trace whether the initial requirements are aligned with the requirements released.

CI/CD pipeline

We analyzed the client’s existing CI/CD processes and provided a summary of how to better transfer code repositories from GitHub, and build and deployment processes from Travis CI, to AWS tools (CodeCommit, CodePipeline, CodeBuild).

Security process recommendations

The client received recommendations on a security certification plan, high-level application security recommendations, and a penetration testing strategy.

Value to our client

Software audit and BA processes expertise

Based on the analysis results, code enhancement recommendations were presented. If implemented, the code improvements can significantly affect the quality of software maintenance processes.

DevOps expertise

The automation of software code testing during development can reduce the cost of identifying and fixing bugs after release by up to 30%.

Seamless security certification

The developed security certification plan can significantly reduce the costs of certification preparation and make the process smooth.

Our tech stack

Python

Django

AWS

PostgreSQL

Travis CI

Django REST

Celery 

Client feedback

I was impressed by the knowledge, skill, and professionalism that led the DICEUS team to successfully perform under unique circumstances and meet all of our needs. I also found the internal processes and structures you had in place to manage this engagement exceptional. The execution of your internal processes (document review, in-depth and probing questions, demonstrable industry experience, etc.) served to demonstrate your teams’ expertise in this space. That gave me confidence in DICEUS’ ability to handle complex development tasks and other activities that may be in Counter Tools’ future. Thank you for the experience and your support.

 

Ernest Hudson, Director, Systems Analysis and Delivery
