Clear Strategy For Your Cloud
AVM is focused on delivering Custom Cloud and Enterprise Solutions, through:
- Consulting & Advisory
- Implementations & Hands-On Training
- Managed Services & Support
We believe that the difference between something good and something great is the attention to details.
AVM Consulting is a technology company focused on delivering custom Cloud Solutions for your business.
AVM also regularly conducts independent research to understand emerging technologies and uncover new insights for performance optimization.
We are proud to actively share our learnings and research to the Technology community, at large, through blogging, benchmarking, and publishing.
Years in Cloud Computing
Focus - Quality
While we focus on AWS based solutions we are experienced with multi-cloud architectures
Edmodo had a growing set of submissions from their bug bounty program and not enough bandwidth to process them. Developers also needed guidance in secure coding practices as security bugs due to insecure code was an issue.
With a large set of bugs to process, we began by organizing and prioritizing the existing security bugs based on severity and business needs. We then proceeded to review the security bugs to verify them using tools like Burpsuite and nmap. Valid security bugs were documented and assigned to Edmodo team members to be addressed. For some security bugs, we submitted code fixes and security enhancements, then tested and verified them in QA and Production environments. We produced security training material and held training sessions for developers to provide guidance on secure coding practices for Ruby on Rails and ReactJS. The topics covered common OWASP categories and findings from bug reviews. We also performed penetration tests on the Edmodo web and Android mobile application.and produced findings.
Preparing for potential security incidents and risks is a crucial part of building a mature security ecosystem. Security incidents can have serious material and reputational impact. Effectively designed and documented security standards can mitigate these risks and provide a consistent process to respond to incidents quickly. Depending on the industry, many companies and organizations are subject to audit to verify established, documented, and complied with security standards.
Establishing such documentation can be complicated and requires broad collaboration. We began by conducting a comprehensive review of existing security documentation for the company. After which, we collaborated with technical leadership to integrate a security documentation process to their Secure Development Lifecycle Process (SDLC) process. Engagement with teams and attending scrum meetings was beneficial for staying aware of current and upcoming features and designs that impact security. We collaborated to produce security standards and documentation for the company. These documents include, but are not limited to Security Risk Assessments and Product Requirement Documents.
VTS Rise provides modernized tenant experience solution and enables asset and property managers to power their portfolio wide operation and provide a premium experience to tenants, building operators and visitors.
VTS has native mobile applications (iOS, Android) as well as web applications hosted on AWS Cloud that continually serve its customers with seamless experience with their property management.
AVM worked with VTS to help them streamline their observability strategy, train them in understanding Datadog functionality, and guide them with best practices in monitoring and recommend improvements.
VTS already had a Datadog instance in use but had not instrumented their application for a robust Datadog experience. They needed someone to streamline their Datadog configuration and align it with best practices. Their expectation was to have end to end observability and performance monitoring.
AVM reviewed their tagging strategy, their existing integration and application instrumentation and provided feedback. AVM collaborated VTS in determining a proper tagging strategy. All dashboards, monitors, and alerts were reviewed holistically. Improvements were made leveraging real user monitoring (RUM), synthetic tests, continuous logging and comprehensive service tagging. The iOS and Android instrumentation was also reviewed, resulting in code change recommendations to reconfigure log collection, linking RUM with logging, and correlating logs with traces.
AVM also provided VTS with guidelines on monitoring and template for incident management to fit into their tech operational strategy.
Amuse is an e-commerce cannabis delivery business reinventing how consumers order and consume cannabis hosted in AWS. Amuse has aggressive SLO, which needs constant monitoring of the search latencies, one of the product’s core capabilities. They get an enormous volume of search requests to search the exhaustive list of products. Sometimes the search requests fail, and it becomes difficult to capture the customer’s real customer experience. Magento stack has a very minimal out-of-box instrumentation solution. Monitoring the life cycle of messages that flow through various services is challenging.
AVM worked with the Amuse team to build instrumentation for the Magento stack powered by the Datadog libraries and Datadog as the observability platform. AVM enabled Amuse to instrument the Magento stack and configured the Datadog agent with the suitable parameter set.
The engineering team at AVM ensured that the spans and traces of the request were complete. Missing Datadog spans and traces were identified during troubleshooting, leading to the instrumentation code changed to fix the Datadog agent issues, and enriching the request context for end-to-end Datadog monitoring.
The solution enabled the Amuse team to use Datadog as a single pane glass for their entire e-commerce platform
Allstate, a Fortune 100 Insurance company, reached out to AVM to help them mature their observability strategy and implementation.This was a key initiative of their digital transformation strategy. Allstate wanted to achieve total observability and AVM collaborated to make it happen by reviewing existing patterns, involving all teams, and working through the launch of a new product
Allstate was already using Datadog for observability but realized that they were not using the tools at full potential. They wanted actionable dashboards that would allow their teams to quickly source and mitigate issues. This included end to end performance monitoring leveraging real user monitoring (RUM), synthetic tests, logs, application and infrastructure monitoring to trace customer requests through the entire architecture including cloud services, kubernetes and asynchronous, Kafka based, integrations. These all added to the complexity. AVM was able achieve end to end traceability and created comprehensive dashboards.
The initial priority was production to reduce the number of critical incidents. AVM then went beyond the production environment to include test and dev environments and CI/CD pipelines in order to catch issues as early as possible. Chaos testing was introduced to detect gaps in both the architecture and the monitoring.
AVM conducted a full audit of existing dashboards, monitors and alerts then worked with the Allstate team to focus them on what was meaningful and actionable. This required AVM’s extensive knowledge of cloud native AWS solutions, messaging and service based architectures, and observability best practices. AVM wanted to ensure that there were tagging standards to aid in creating and navigating dashboards and metrics. These standards needed to account for many observability lens – application performance, security, cloud spend, devops metrics