Select a logo below to learn more about our customer success stories
Clockspring supported Bank of America by providing design services and engineering support to improve three factors of IT Security: Third Party Risk Management, Vulnerability Management, and Application Security Assessments.
Clockspring integrated a COTS tool with a third-party API gateway, providing bi-directional data transfer to other Bank of America information systems. Clockspring coordinated implementation activities with three distinct teams to manage scope and balance staff resource utilization across task areas via an integrated project plan.
Clockspring worked with Third Party Risk Management stakeholders to convert their spreadsheet-based process to a formalized workflow capability which included assessment results, scoring, and POA&M management. This allowed for a continuity of the existing data gathering process and didn't require the vendors to change their process for answering the data calls, which allowed for a completely transparent transition to the new capability.
The Application Security Assessment capability improved the process of assessing the security impacts of software deployed throughout the enterprise and utilized daily by their 300,000 employees and contractors. This vigorous process requires software undergo up to 6 different types of security assessments to ensure the level of risk to the organization is understood before being approved for use.
Clockspring supported the FCC by providing Independent Verification & Validation (IV&V) in support of a $20 billion incentive auction.
Clockspring utilized the Selenium testing framework and the Gatling load testing application to develop a series of synthetic transaction tests which could be run against the proposed auction platform as well as the auction application forms.
These tests allowed for the simulation of over 1000 distinct users to validate that the applications were consistent with the design, allowed for the validation that the applications would work with over 800 distinct web browser configurations, and provided confidence that they could handle the anticipated load of a spectrum auction.
Clockspring is supporting the Department of Veterans Affairs Cyber Security Operations Center (CSOC) by implementing and maintaining the RedSeal Vulnerability Management and Analytics tool.
This implementation of RedSeal allows the VA to better understand the risks and threats from vulnerabilities present on infrastructure as well as the configuration of the network routers, switches, and firewalls.
By the end of the deployment this capability will manage several hundred thousand desktops, laptops, servers, routers, switches, and firewalls, and provide a robust analytics capability to support the VA secure configuration management, vulnerability remediation, incident response, and Continuous Monitoring operations.
Clockspring worked with Booz Allen Hamilton to implement a multi-tenant OpenShift platform-as-a-service cluster for a government client utilizing OpenShift, Kubernetes, Docker, and AWS.
This platform included an integrated approach to systems development and deployment, providing environment provisioning, horizontal application scaling, service recovery, back-ups, monitoring, and log aggregation.
14 Common Control Providers leveraging technologies such as Python, Java, NodeJS, and PostGres which developers could utilize to reduce the time required for the application to be granted an Authority to Operate.
The platform, developed on top of Amazon Web Services, was spread over multiple availability zones to provide a highly available and fault-tolerant solution for high-performance web applications.