Cloud Migration SITUATION: CMS-CCIIO sought to migrate the Federally Facilitated Marketplace (FFM) from its current on-premises virtual data center providers into a Cloud-hosted environment.
SOLUTION: SBD migrated all 17 modules into the AWS cloud utilizing Puppet, Nexus Pro, SonarCube, Fortify, and Splunk. Our Team continues to optimize in the cloud to reduce costs, increase monitoring and availability, mature continuous delivery practices, automate security, and implement platform improvements.
BENEFIT: The transition to a Cloud-hosted (AWS) environment allows for economies of scale and on-demand scalability as needed to better meet the system resource demands and business cycles of the Marketplace.
DevSecOps Pipeline SITUATION: CMS required a DevSecOps solution to keep pace with evoling CMS enterprise standards, and more importantly, that focused on empowering Product Owners with Release On-Demand capabilities.
SOLUTION: SBD provides digital services using a hybrid agile development approach that aligns to the CMS XLC by integrating a fully automated DevSecOps Pipeline and process. SBD utilizes tools such as GitHub, Jenkins, Ansible, JUnit, SonarQube, Fortify, Nexus, OWASP, Selenium, JMeter, Splunk, New Relic, BurpSuite, JBOSS and ChefInspec.
BENEFIT: In the base year of the contract, O&M costs were estimated at 70% of contract costs and 30% New Development. Our team has reduced O&M costs to 40%, enabling new development spend to increase to 60%. We also decreased our patching time through automation by 71% in a span of three months.
Security Orchestration, Automation & Response SITUATION: Our SOC personnel conduct information assurance activities designed to ensure system and application compliance with RMF guidance. Our team is responsible for maintaining system/application/data security and analyzing both data and reports to determine agency vulnerability to network and desktop-based attacks while recommending actions to prevent, repair or mitigate these vulnerabilities.
SOLUTION: Our Security Automation and Orchestration has been successfully implemented at DHS USCIS resulting in more secure security posture as well as efficiencies and cost savings.
BENEFITS: Over $800k in Savings in the first 8 months of implementation. Automated over 80% of Tier 1 functions. We are reporting over 64% of incidents across all of DHS. Customize Cyber Threat Intelligence exposes indicators before an agency is targeted. Enhanced resource allocation and efficiency.