Transforming Application Delivery Through a DevSecOps Transformation Model for a Housing Finance Firm

Client

Housing Finance Player

The client plays a crucial role in the U.S. housing finance system. They provide financial services to lenders, making homeownership more accessible and affordable for millions of people across the nation. The client wanted to adopt a DevSecOps transformation delivery model for improving operational efficiency, security, and agility while transitioning to a cloud-native architecture.

Challenge

Vast Monolithic Application Environment

The client faced several challenges that hindered its ability to innovate and deliver efficiently:

• Diverse Application Portfolio: Managing 54 different applications with varying requirements and dependencies.
• Slow Release Cycles: Releases were limited to once every three months, delaying time-to-market and responsiveness.
• Complex Environment Management: Overseeing 150+ active non-production and production environments created operational inefficiencies.
• Legacy Architecture: The reliance on monolithic application architectures made it difficult to adopt modern development and deployment practices.

Solution

Our Approach to DevSecOps Transformation

Hexaware addressed these challenges by drawing a comprehensive plan for implementing a DevSecOps delivery model. The solutions provided included:

• Cloud-Native Transformation: Hexaware facilitated the transition to containerized deployments using OpenShift and Kubernetes. This enabled the client to adopt a microservices-based delivery model, aligning with their “Cloudify” initiative.
• Automated Release Management: Hexaware integrated tools like JIRA, SNOW, and Jenkins to automate release management processes. This streamlined workflows and reduced manual intervention.
• Continuous Delivery Pipeline: A template-based continuous delivery pipeline was developed using Jenkins shared libraries. This allowed seamless integration with OpenShift non-production environments, ensuring consistency and efficiency.
• Automated Release Orchestration: Hexaware implemented Spinnaker for automated release orchestration, enabling continuous delivery for applications built with Spring Boot, Node.js, and MongoDB.
• Security Integration: Hexaware embedded continuous security practices, including SAST, DAST, IAST, and IaC Security, into the development lifecycle. This ensured that security was not an afterthought but an integral part of the process.

Benefits

Driving Efficiency and Cost Savings

The solutions provided by Hexaware delivered significant benefits to the client:

• Enhanced Consistency and Management: The adoption of containerized deployments and automated pipelines improved environmental consistency, visibility, and ease of management.
• Accelerated Release Frequency: Release cycles improved from once every three months to twice a week, enabling faster delivery of features and updates.
• Productivity Gains: The team experienced a 50% improvement in overall productivity, allowing them to focus on innovation and strategic initiatives.
• Effort Savings: Hexaware’s solutions resulted in a 28% reduction in efforts required for application releases, translating to cost savings and operational efficiency.

Summary

Hexaware’s expertise in DevSecOps and cloud-native transformations enabled the client to overcome significant operational challenges. By modernizing their application delivery processes, Hexaware helped the client achieve higher agility, improved security, and enhanced productivity.