Clear Strategy For Your Cloud
AVM is focused on delivering Custom Cloud and Enterprise Solutions, through:
- Consulting & Advisory
- Implementations & Hands-On Training
- Managed Services & Support
We believe that the difference between something good and something great is the attention to details.
AVM Consulting is a technology company focused on delivering custom Cloud Solutions for your business.
AVM also regularly conducts independent research to understand emerging technologies and uncover new insights for performance optimization.
We are proud to actively share our learnings and research to the Technology community, at large, through blogging, benchmarking, and publishing.
Years in Cloud Computing
Focus - Quality
While we focus on AWS based solutions we are experienced with multi-cloud architectures
Blueacorn is a financial service provider that helps small businesses, independent contractors, and self-employed individuals with their financial needs. During the COVID-19 pandemic, the company focused on acting as a lender and helping these groups secure Paycheck Protection Program (PPP) funding.
To accommodate the fluctuating traffic patterns, it was important for Blueacorn to have a scalable infrastructure with the ability to scale up or down and adjust capacity as needed. AVM assisted with building a resilient infrastructure and optimizing service delivery through rightsizing, resulting in cost savings.
In order to support the high volume of businesses using Blueacorn’s services to apply for PPP funding, it was necessary to enhance the existing infrastructure to handle the traffic. AVM was enlisted to improve the resilience of the infrastructure using various services such as DynamoDB, EC2, RDS, S3, Auto Scaling group, LoadBalancers, GitHub Actions, Kubernetes, Helm Charts, Terraform, and Snowflake.
AVM was able to enhance the dynamic capabilities of the infrastructure to adapt to changing demand and assisted with rightsizing resources to achieve cost savings. AVM also was efficient in addressing any immediate requirements for resource modifications or addition, implementing security, and establishing strong role-based access management.
Additionally, AVM helped the company migrate its data from legacy disconnected systems to new generation Snowflake datalake, by designing and implementing a Snowflake architecture specific to their use case and data needs, ensuring proper formatting and structure for optimal performance while also making certain that the Snowflake implementation meets industry standards for security and compliance.
Edmodo had a growing set of submissions from their bug bounty program and not enough bandwidth to process them. Developers also needed guidance in secure coding practices as security bugs due to insecure code was an issue.
With a large set of bugs to process, we began by organizing and prioritizing the existing security bugs based on severity and business needs. We then proceeded to review the security bugs to verify them using tools like Burpsuite and nmap. Valid security bugs were documented and assigned to Edmodo team members to be addressed. For some security bugs, we submitted code fixes and security enhancements, then tested and verified them in QA and Production environments. We produced security training material and held training sessions for developers to provide guidance on secure coding practices for Ruby on Rails and ReactJS. The topics covered common OWASP categories and findings from bug reviews. We also performed penetration tests on the Edmodo web and Android mobile application.and produced findings.
Preparing for potential security incidents and risks is a crucial part of building a mature security ecosystem. Security incidents can have serious material and reputational impact. Effectively designed and documented security standards can mitigate these risks and provide a consistent process to respond to incidents quickly. Depending on the industry, many companies and organizations are subject to audit to verify established, documented, and complied with security standards.
Establishing such documentation can be complicated and requires broad collaboration. We began by conducting a comprehensive review of existing security documentation for the company. After which, we collaborated with technical leadership to integrate a security documentation process to their Secure Development Lifecycle Process (SDLC) process. Engagement with teams and attending scrum meetings was beneficial for staying aware of current and upcoming features and designs that impact security. We collaborated to produce security standards and documentation for the company. These documents include, but are not limited to Security Risk Assessments and Product Requirement Documents.
VTS Rise provides modernized tenant experience solution and enables asset and property managers to power their portfolio wide operation and provide a premium experience to tenants, building operators and visitors.
VTS has native mobile applications (iOS, Android) as well as web applications hosted on AWS Cloud that continually serve its customers with seamless experience with their property management.
AVM worked with VTS to help them streamline their observability strategy, train them in understanding Datadog functionality, and guide them with best practices in monitoring and recommend improvements.
VTS already had a Datadog instance in use but had not instrumented their application for a robust Datadog experience. They needed someone to streamline their Datadog configuration and align it with best practices. Their expectation was to have end to end observability and performance monitoring.
AVM reviewed their tagging strategy, their existing integration and application instrumentation and provided feedback. AVM collaborated VTS in determining a proper tagging strategy. All dashboards, monitors, and alerts were reviewed holistically. Improvements were made leveraging real user monitoring (RUM), synthetic tests, continuous logging and comprehensive service tagging. The iOS and Android instrumentation was also reviewed, resulting in code change recommendations to reconfigure log collection, linking RUM with logging, and correlating logs with traces.
AVM also provided VTS with guidelines on monitoring and template for incident management to fit into their tech operational strategy.
Amuse is an e-commerce cannabis delivery business reinventing how consumers order and consume cannabis hosted in AWS. Amuse has aggressive SLO, which needs constant monitoring of the search latencies, one of the product’s core capabilities. They get an enormous volume of search requests to search the exhaustive list of products. Sometimes the search requests fail, and it becomes difficult to capture the customer’s real customer experience. Magento stack has a very minimal out-of-box instrumentation solution. Monitoring the life cycle of messages that flow through various services is challenging.
AVM worked with the Amuse team to build instrumentation for the Magento stack powered by the Datadog libraries and Datadog as the observability platform. AVM enabled Amuse to instrument the Magento stack and configured the Datadog agent with the suitable parameter set.
The engineering team at AVM ensured that the spans and traces of the request were complete. Missing Datadog spans and traces were identified during troubleshooting, leading to the instrumentation code changed to fix the Datadog agent issues, and enriching the request context for end-to-end Datadog monitoring.
The solution enabled the Amuse team to use Datadog as a single pane glass for their entire e-commerce platform