Skip to content

Software Architecture

Leveraging Golang's Efficiency and Scalability to Develop a Cybersecurity Management Platform

Leveraging Golang's Efficiency and Scalability to Develop a Cybersecurity Management Platform

Success Story

Scalefocus partnered with a cybersecurity consultancy leader to facilitate process optimization across their offensive security operations. Our team built a Golang-based vulnerability management platform that allows cyber advisers to collect and process information more quickly and cost-efficiently, eliminating manual work and providing better-quality insights. The solution’s backend now robustly handles large volumes of data and facilitates the automation and digitalization of the client’s comprehensive gap analysis reporting capabilities.

Comprehensive vulnerability management platform

Ensured
scalability & cost optimization

Supported
digitalization & automation

The Client

Our client is an international cyber security consultancy company that provides cyber threat intelligence, incident response planning, security strategy, policy review and other cyber security services to various industry leaders. Their teams help organizations become more resilient to threats and respond to attacks and crises better and faster. The clients cybersecurity advisory capabilities are comprehensive, and their recommendations span across operations, processes and culture.  

The Challenge

One of our client’s core business capabilities is identifying and resolving emerging threats ahead of time across the infrastructures of the organizations they work with. The company does that by performing penetration testing and employing various testing tools, including active and passive scanning, among others. The results of these procedures come in the form of information about current vulnerabilities that our client’s advisors then use to create detailed reports containing procedural, technical and cultural recommendations.  

 Even though our client has set a very high standard in security advisory, the company wanted to improve their processes further as they still required substantial manual work. Another objective was to increase the volume of the information collected, to present it in a more structured format and process it with fewer clicks. To achieve that, the client set out to build a Golang-based solution from scratch that had to automate and digitalize some of the processes of their offensive security. The solution would speed up cyber testing end-to-end and categorize common vulnerabilities, establishing an out-of-the-box baseline that boosts efficiency.   

The Solution

Once our team got fully onboard with the project, we took part in the discovery phase to identify its vision, goals and scope. To build a scalable and maintainable solution, our team implemented development practices and code quality using the latest guidelines for Golang development. We configured a scalable serverless API with Gin Framework in Golang as part of the platform for vulnerability management that includes the collection and processing of information provided by multiple security scanning tools. In addition, we were responsible for ​architecting the platform’s framework, building the enterprise architecture repository, and establishing the flow for seamless transformation and restructuring of data as required between environments. 

Our team was also in charge of setting up QA processes within the client’s technology ecosystem, developed front-end and back-end testing automation and used SonarCloud to identify issues and security hotspots in the code. This included performing static code analytics and unit testing, ensuring more than 90% code coverage and highest-quality output.

Other aspect of our collaboration included:

  • Utilizing the latest serverless AWS technologies, including Lambda functions, to ensure scalability, cost optimization, building better applications easier, moving from idea to market faster​ 
  • Following the Scrum methodology and participated in technical discussions to take the best architecture decisions ​
  • Building CI/CD pipelines using GitHub Actions​ 

The Results 

The Scalefocus team developed a fully-fledged Golang-based solution from scratch to help the client’s offensive security specialists structure data more efficiently and process significantly larger volumes of information with fewer operations. Back-end systems can now handle these vast data sets and extract the relevant pieces of information while discarding the rest, making interpretation easier and more transparent. Our experts established optimal development processes that aligned the produced code with the right environments in just three weeks, surpassing both client expectations and the industry average. This laid the groundwork for the successful continuation of the project, minimizing potential complexities and troubleshooting risks down the line. 

Other deliverables resulting from the collaboration:

  • Further digitalization and automation​ integrating with other products and services​ 
  • 99.7% reduction in the amount of information that needs to be processed (condensed 15 thousand lines of code to 44 unique, easily recognizable records)
  • Over 90% code coverage with unit tests​ utilizing Golang to minimize issues early on in development​ 
  • Better classification and categorization ​of vulnerability types that organizations are exposed to​ 
  • Faster and more tailored gap analysis​ thanks to better extraction data​ insights 

Technologies

Golang
MySQL
AWS (S3, SNS, RDS, Lambda)
Next.Js
Cypress  

Our Work

We have a global client base that includes Fortune 500 companies, innovative startups and industry leaders in Information Technology, E-Commerce, Insurance, Healthcare, Finance and Energy & Utilities.

Explore all

Ready to scale and meet the technology challenges of tomorrow?

Contact us