Our software development capabilities include utilizing the right technology stack to deliver innovative solutions using an Agile delivery methodology. While the tools and technology stack will change over time, our team continually demonstrates passion for software development and a commitment to deliver the best solutions to problems. We are experienced in building enterprise applications using open-source software packages and have developed various REST APIs served by a Java backend using the Spring Framework. We create user interfaces using tools such as Angular, Bootstrap, LESS, and we integrate build tools including Gradle and Grunt. We also have experience using Continuous Integration platforms including Jenkins, TravisCI, and CodePipeline.
We have specialized experience designing and implementing independently scalable and deployable, containerized microservices using Spring Boot, Docker, and the OpenShift Container Platform, on top of Kubernetes in the Amazon Web Services cloud. Our project portfolio includes both the development of new “green field” information systems using a microservice architecture and the incremental migration of legacy/monolithic systems to a microservice architecture. We leverage API management solutions such as Apigee, AWS API Gateway, and Kong to expose RESTful services, improve developer productivity, and provide robust security enforcement mechanisms such as centralized request authorization (JWT and/or key-auth), rate-limiting, and runtime controls.
We have extensive experience successfully managing vast amounts of data across the accessibility spectrum. Our database management system expertise includes H2, MySQL, Oracle, and PostgreSQL for relational data as well as NoSQL solutions including AWS DynamoDB, MongoDB, and Redis. We utilize open source tools such as Liquibase to automate the versioning and migration of relational databases. Our database infrastructure expertise includes both SaaS solutions such as AWS DynamoDB, ElastiCache, and RDS, as well as provisioned instances that leverage automation for installation and maintenance.
Our approach to securing our custom software applications revolves around the principle of using automation to build security into the development process “by default”. We have utilized a combination of static analysis with tools such as Sonarqube and HPE Fortify, runtime analysis using techniques such as penetration testing and tools such as Webinspect, and Docker container scans using Twistlock. We conduct vulnerability assessments using these tools and techniques as part of our continuous integration process. We tailor our security thresholds to the needs of both public and private clients with the goal of 100% compliance with pertinent security policies.
- Spring Framework (MVC, Boot)
- Event-Driven Architecture (EDA)
- Microservices Architecture
- NoSQL (MongoDB, AWS Dynamo DB)
- RDBMS (Oracle, PostgreSQL, MySQL)