Our experts have development experience in many major industries. With experience in financial services, our team was able to streamline CI/CD pipelines leveraging Azure platforms for a major FinTech organization.
The client is a billion-dollar, American multinational company that provides financial technology (FinTech) services to clients across the financial services sector – banks, thrifts, credit unions, securities broker-dealers, mortgage, insurance, leasing, and finance companies, and retailers.
Challenge
The client encountered a range of challenges, demanding swift solutions. They grappled with slow-release frequency to production, rework due to security vulnerabilities, escalated infrastructure costs, underutilized on-premises resources, and performance hiccups during peak hours. Release and Deployment Management, Infrastructure provisioning, and configuration management were lengthy, manual operations slowing down operations and lowering the frequency of application releases into production. Lastly, security was an afterthought and needed a more proactive approach.
Solution
Orion was brought in to work on automating their processes and increasing their operational efficiency. Using the Azure DevOps platform, the team developed CI/CD pipelines with notifications and approval gates for application build and deployment. We automated their infrastructure provisioning and configuration management. We shifted security left and integrated SAST and DAST tools to trigger security and code scans during the build process as well as secured secrets and certificates using Azure Key Vault. The process for regression testing of application code was also automated to perform multiple test cycles with every release.
Technology used includes:
- Azure Platform as a service
- Azure DevOps
- Azure Key Vault
- MS Build
- NUnit
- Veracode
- WizScan
- Terraform
- .Net Framework/.Net Core
Impact
Thanks to Orion, their release frequency improved from just two releases per year to bi-weekly releases. Infrastructure provisioning and configuration management time were reduced to less than 1 week. The client could scale up or down production application environments as per demand based on traffic or project lifecycles. Security was shifted left as vulnerabilities and issues could be found and addressed well in advance in the development lifecycle.