Case Studies - AretecSBD

Case Studies

Cloud Migration SITUATION: CMS-CCIIO sought to migrate the Federally Facilitated Marketplace (FFM) from its current on-premises virtual data center providers into a Cloud-hosted environment.

SOLUTION: SBD migrated all 17 modules into the AWS cloud utilizing Puppet, Nexus Pro, SonarCube, Fortify, and Splunk. Our Team continues to optimize in the cloud to reduce costs, increase monitoring and availability, mature continuous delivery practices, automate security, and implement platform improvements.

BENEFIT: The transition to a Cloud-hosted (AWS) environment allows for economies of scale and on-demand scalability as needed to better meet the system resource demands and business cycles of the Marketplace.

DevSecOps Pipeline SITUATION: CMS required a DevSecOps solution to keep pace with evoling CMS enterprise standards, and more importantly, that focused on empowering Product Owners with Release On-Demand capabilities.

SOLUTION: SBD provides digital services using a hybrid agile development approach that aligns to the CMS XLC by integrating a fully automated DevSecOps Pipeline and process. SBD utilizes tools such as GitHub, Jenkins, Ansible, JUnit, SonarQube, Fortify, Nexus, OWASP, Selenium, JMeter, Splunk, New Relic, BurpSuite, JBOSS and ChefInspec.

BENEFIT: In the base year of the contract, O&M costs were estimated at 70% of contract costs and 30% New Development. Our team has reduced O&M costs to 40%, enabling new development spend to increase to 60%. We also decreased our patching time through automation by 71% in a span of three months.

Security Orchestration, Automation & Response SITUATION: Our SOC personnel conduct information assurance activities designed to ensure system and application compliance with RMF guidance. Our team is responsible for maintaining system/application/data security and analyzing both data and reports to determine agency vulnerability to network and desktop-based attacks while recommending actions to prevent, repair or mitigate these vulnerabilities.

SOLUTION: Our Security Automation and Orchestration has been successfully implemented at DHS USCIS resulting in more secure security posture as well as efficiencies and cost savings.

BENEFITS: Over $800k in Savings in the first 8 months of implementation. Automated over 80% of Tier 1 functions. We are reporting over 64% of incidents across all of DHS. Customize Cyber Threat Intelligence exposes indicators before an agency is targeted. Enhanced resource allocation and efficiency.

Abnormal Trading and Link Analysis SITUATION: The SEC Enforcement Division had a requirement for a tool that combines multiple trade data sources with quantitative statistical analysis and querying techniques that could be used to identify Insider Trading and other trading violations.

SOLUTION: Aretec developed a data science platform, NEAT, that interfaced with ATLAS, a new Commission application that finds these potential financial security violations by surveying equity and fixed income data and identifying suspicious trading activity. ATLAS is a machine learning tool developed on the NEAT platform to take advantages of economy and scope, eliminating overlapping functionalities in the examination and investigation workflows.

BENEFIT: Our solution powers the analysis of SEC Enforcement Division Bluesheet timestamp cases and has resulted in over $6,000,000 in fines, and a backlog of fines to be levied. ATLAS is also responsible for numerous Insider Trading cases in the Commission’s Enforcement pipeline and has saved the Commission over $1,000,000 in development costs.

Privacy Policy

508 Compliance