Blog

Tech Talk: DevOps with AWS

by Alice Swan Jul 2nd, 2020 Cloud EC Inside Tech Talks Technology

DevOps has reshaped the way software is processed and delivered by providing a structured and decoupled approach by way of the DevOps toolchain.

Using CI/CD (continuous integration/continuous delivery) in your DevOps pipeline provides automation that improves delivery time, thus allowing developers a faster and more reliable way to go from code to deployment.

If you’re already invested in AWS cloud infrastructure, then it’s worth checking out AWS’s DevOps suite, as they’ve created tools designed to integrate their services for a quick to implement solution. AWS CodePipeline allows you to create custom workflows and control how CI/CD is implemented in your system.

In June 30th, Jim Davis, a senior software engineer and tech lead at Evans & Chambers, conducted a tech talk on the advantages of incorporating DevOps into one’s software development cycle, and demoed a “hello world” application going from code to a hosted deployment in about 15 minutes with the push of a button.

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

Screen Shot 2020-07-13 at 4.20.08 PM Screen Shot 2020-07-13 at 4.20.29 PM Screen Shot 2020-07-13 at 4.22.44 PM

Tech Talk: AWS Amplify

by Alice Swan May 28th, 2020 Cloud Tech Talks Technology

In the fast paced and ever-expanding world of software development cloud computing has become the new norm. AWS, being a leader in providing on-demand cloud computing services, is always looking to make it easier for the customer to build end to end solutions.

The traditional cloud model is to provision servers for computation and storage. This requires developers to manage and maintain operating systems, size, scaling policies and much more. What id there was a way to have a backend provisioned in the cloud without having to manage servers? AWS Amplify was introduced in 2017 to do just that.

On May 26th, Nate Ostrander, a software developer at Evans & Chambers Technology, gave a Tech Talk on how to utilize AWS Amplify to quickly build serverless solutions in the cloud. Nate gave a brief overview of the Amplify framework and which AWS services/coding frameworks are currently supported. He also demoed on how to build a reactive mobile application using Amplify, App-Sync and DynamoDB.

AWS Amplify gives developers the ability to rapidly prototype solutions that are built to scale for production. We will see more growth in the software development community as it is easier to quickly build cheap solutions with services like Amplify.

Screen Shot 2020-06-09 at 12.51.10 PM Screen Shot 2020-06-11 at 11.37.17 AM  Screen Shot 2020-06-09 at 12.50.38 PM

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

Tech Talk: Amazon Textract

by Alice Swan Apr 30th, 2020 Cloud EC Inside Tech Talks Technology

In industries from government services to insurance, paper forms that were designed for physical use are increasingly sent over the internet. These forms have proved difficult to incorporate with digital tools and applications in the past.

As a result, demand has increased for robust Optical Character Recognition (OCR) tools that turn written forms and tables into machine-readable text. Document processors that require users to define a template are excellent for certain applications, but in situations with scanned or faxed documents, there are often problems with text recognition. Amazon released Textract in late 2018 to serve as a template-free OCR solution that serves as both an extractor and analyzer of text.

On April 28, Kayla Cross, a software engineer on the Security Control team at Evans & Chambers, held a virtual Tech Talk to provide an overview of Textract’s functionality. She outlined its advantages, such as reducing the burden on the user, and highlighted its easy-to-use API. She also outlined its possible uses, including identifying text for natural language processing, analyzing data with multiple columns, and parsing complex government forms like DD254s and SF86s. She ended with two demonstrations that showed different approaches to using Textract in the Amazon ecosystem to parse a government form and a picture of a blog post taken with a phone.

Tools like Textract can prevent the arduous experience of re-entering information that is already contained in a form into separate software, which makes it an attractive solution for developers seeking to improve user experiences and streamline their applications.

image (3)     image (2)

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

Evans and Chambers Technology Hosts Tradecraft Thursday: Impact of Economic Espionage

by Alice Swan Mar 10th, 2020 EC Inside Events

Did you know that the United States regulates and restricts the release of critical technologies, information, and services to foreign nationals? You may be intrigued to know how compromised exports can weaken our national security.

Recently, Davidian Shirley, one of Evans & Chambers’ top intelligence analysts, held a Tradecraft Thursday training for the company discussing the impact of economic espionage and third-party access to controlled U.S. exports, as well as mitigation strategies. Davidian introduced general strategies of economic espionage against the U.S. Government and corporations and shared publicized cases illustrating how foreign adversaries gained access to sensitive information that saved their nations millions of dollars in research and development and undermined the United States’ strategic advantage. As a global superpower, the United States must be strong and effective security measures for its export system in order to protect and bolster national security.

Check out this article Foreign Economic Espionage in Cyberspace.

20181008_083239

About Tradecraft Thursdays

Tradecraft Thursday is a series of employee-led internal monthly talks dedicated to EC’s core value of continental learning. These talks aim to cover a broad range of professional topics to promote best practices and a shared understanding of common problem sets within our customer spaces. Stay tuned for the next Tradecraft Thursday recap!

Tech Talk: AWS CloudFormation

by Alice Swan Feb 28th, 2020 Cloud EC Inside Tech Talks Technology

Infrastructure as Code (IaC) is a powerful method for safely and reliably managing complex solution deployments. IaC reduces or eliminates manual steps, limiting the opportunities for human error. AWS CloudFormation is a managed IaC solution for representing and deploying solutions in the AWS platform.

On February 27, Pat Ryan, cloud practice lead for Evans & Chambers, held a Tech Talk to provide a basic introduction on the core concepts and practices of CloudFormation. He described the key syntactical elements of a CloudFormation template as well as the built-in functions and variables.

Following the discussion on CloudFormation basics, Pat walked through an example of a complex template that he produced for a government client.

The presentation provided an introductory understanding of CloudFormation and introduced other IaC solutions such as Ansible and Terraform.

IMG_5686  IMG_0593 IMG_3345

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

The 5 Coolest Things We Learned at AWS re:invent

by Kayla Cross Jan 16th, 2020 Cloud Events Technology

This past December, I and six other EC team members used our annual training budgets to attend Amazon Web Services’ (AWS’s) annual re:invent conference in Las Vegas. We participated in small workshops, informational sessions, and hackathons alongside a staggering 60,000 attendees who descended upon the city to learn more about the services AWS offers.

Conference activities ranged from an enormous expo where companies showed off their products to small “Builder’s Workshops” that offered personalized instruction to no more than a dozen attendees at a time. In between activities, conference sessions explored each of AWS’s offerings as well as unveiled new services (such as Kendra, a search tool powered by machine learning). EC team members attended some sessions together and some individually  based on our professional interests. We will each give a Tech Talk in the coming months to share what we learned with the rest of our EC colleagues.

Having one of the entertainment capitals of the world as the backdrop for the conference meant plenty of options for fun as well. Attending the public sector happy hour afforded us the opportunity not only to unwind from a long day of workshops but also to connect with organizations with which EC could potentially partner. Our team has already done a demo with one of the companies we met there, LogRocket, that could help us more quickly identify bugs in production.


The 5 coolest things we learned at re:invent

After returning from the conference and having some time to reflect, the team got on Slack to share our notable  takeaways from re:invent:  

1. FedRAMP accreditation support for AWS partners

Jamil Evans: “My one thing: I met the head of ISV alliances for the public sector at a public sector reception. He shared that as a trusted partner, AWS will provide us with dedicated support as we move Security Control through the FedRAMP accreditation process!

2. Patch automation with AWS Systems Manager

Colin Ardizzone: “One cool thing I learned about was the Patch Manager capability within AWS Systems Manager which lets you automate patching of EC2 instances with custom scripts and gives ample feedback in the form of logs to CloudWatch. It also lets you patch fleets of instances at a time and will smartly distribute the patch schedule so all your instances aren’t affected at once.”

3. VPC Ingress routing rules!

Pat Ryan: “AWS’s new VPC Ingress Routing features can be used to simplify integration of 3rd party security appliances.”

4. Amazon Textract rocks!

Kayla Cross: “I was impressed with Amazon Textract for importing documents and forms into applications. I thought it would be especially applicable to a lot of projects at EC that may deal with modeling information from complicated government forms.

5. Mobile development with offline support using AWS Amplify

Nate Ostrander: “I learned about AWS Amplify, a development platform that helps you build mobile and web applications without managing compute servers. Amplify also offers offline integration. While offline, the user’s device can query and write to a local cache which will automatically synchronize with the data source when back online.”

 

image  Image from iOS (3)  Image from iOS (4)

Case Study – Security Control

by Jamil Evans Dec 10th, 2019 Business Software Technology

 

The Challenge:

seccon-image-png128
If you work as a security officer in private industry or many government agencies, chances are you are responsible for multiple security domains, to include personnel security, industrial security, incident management, operations security, foreign disclosure, and insider threat for your entire organization. The current management tools for these areas are generally paper files, excel spreadsheets, SharePoint sites, email inboxes, and at best multiple stove-piped and antiquated software solutions. This leads to time lost searching for and providing information. The disconnection of systems has institutionalized inefficient processes that create additional work for each specialist handling a transaction. In a surprising large number of cases, inaccurate or absent data entry has led to missed handoffs, lengthening the clearance processing time, which hits an organization’s bottom-line unnecessarily. In the most heartbreaking cases, these organizations lose their ability to hold classified contracts completely due to non-compliance with the NISPOM (view pdf here) and failed inspections.

 

The Approach:

Evans & Chambers, in partnership Industrial Security Integrators (IsI), designed and developed Security Control to be the market leader in the industrial security software sector.  Security Control is a cloud-native SaaS solution for industry and government that centralizes all aspects of industrial security to include modules for classified contracts, personnel, secure facilities, safes, classified materials, visits, incident management and insider threat. Our product notifies security officers and clearance holders of actions necessary to remedy issues to stay in compliance with security and agency policy directives. Rather than require security officers to hunt down employees for annual training via email and phone, Security Control assigns actions items to employees within the application. Users then click the email link to launch an employee portal to view their action items and complete them.

For incident management and insider threat, Security Control offers submission forms enabling employees to report their incident along with supporting details and attachments. The entire submission is then routed to the supervisor, security officer, insider threat personnel security officer (ITPSO), and any key personnel within the organization, as required by your organizational policies. Finally, a simple export is needed to provide the report to the relevant government authorities.

Security Control’s latest feature is automated DCSA self inspections. Prior to this breakthrough feature, organizations would spend up to a month emailing an MS Word questionnaire around to key corporate personnel, and approximately 15% of your cleared workforce.  This process requires each recipient to answer a subset of questions. After herding cats to get the questions answered, and verifying accuracy and completeness, the data would be manually compiled into a coherent report with a cover letter and made available to DCSA with the hopes that it would fit compliance requirements. Security Control’s automated self inspection feature with workflows enables the security office to complete this entire process accurately in just a few clicks.

Security Control was built on the Amazon Web Services GovCloud regions with a security-first approach. Our product offers both SaaS and on-premise versions. The SaaS option ensures data isolation and integrity without requiring dedicated hardware. Our Multi-tenant architecture balances security with cost-effectiveness by segmenting customer information via unique databases per tenant while also employing auto-scaling through multiple web servers that share customer computational workloads. Private subnets are used to keep customer data secure and prevent any unauthorized access. Security Control is in the process of achieving a FedRAMP moderate compliance level.

 

The Results:

Industrial Security Integrators, our strategic partner, came onboard as our first client in 2017. Together, we migrated 4,000 personnel clearances from over 200 Federal government contracting firms into the system. Today, our product has achieved a client base of 14,000 employee personnel clearances and over 550 Federal Government contractors. As Security Control continues to grow, the number of clerical errors and time lost during the clearance process will continue to decrease. We are committed to staying ahead of the compliance curve through the production of innovative new features as DCSA continues to add more regulations to the NISPOM. Through these efforts, we are excited to be recognized as a leading contributor in helping our clients achieve and maintain their levels of security, efficiency, and compliance.

Tech Talk: Amazon Lex Chatbox

by Alice Swan Oct 25th, 2019 EC Inside Tech Talks Technology

Do you want to create a scalable and easy-to-use chatbot in minutes?

On October 24, Colin Ardizzone, a developer at Evans & Chambers, held a tech talk detailing how to set up an Amazon Lex chatbox. Lex is Amazon’s service for creating conversational interfaces for applications powered by the same technologies as Amazon Alexa. During the talk, Colin discussed basic concepts of natural language processing, how to create and configure Lex, and demonstrated how Lex can effectively integrate with other Amazon web services. The presentation also covered some of the best business use-cases of Amazon Lex from industry leaders such as Capital One and Nasa.

The tech talk was designed with both AWS beginners and experienced users in mind. If you would like to follow along with the example in this tech talk, you can do so by creating an AWS free-tier account. All the baseline blueprints in the presentation were provided by AWS and are more than enough to get started with your own chatbox. For more great resources on Lex, we recommend reading some of the partner blog posts found here.

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

20191114_144315   20191114_151043  88143 (2)

 

 

 

 

Tech Talk: Data Processing with Amazon Sagemaker

by Alice Swan Jul 24th, 2019 Events Tech Talks Technology

Machine learning and artificial intelligence (AI) services have become an integral part of many government-off-the-shelf  (GOTS) and commercial-off-the-shelf applications (COTS). Did you know that there are convenient ways to train, manage, and deploy machine learning algorithms and services?

On July 23rd, Dave Rabrun, one of Evans & Chambers’  lead software developers, held a Tech Talk for the company exploring big data, open-source processing, and mitigation challenges presented by creating custom machine learning tools within the public sector. Furthermore, Dave discussed the advantages of Amazon SageMaker, a cloud-based service that supports the entire machine learning workflow. With custom data processing tools becoming increasingly necessary for public sector clients, it is important to stay on top of the relevant technologies that makes those necessities a reality.

The presentation provided the audience with a deep understanding of why DoD and Intelligence Community agencies need to build custom image classification, video recognition, natural language processing and sentiment analysis tools. The presentation also provided a live demonstration of training an interactive data model.

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.

Tech Talk: User Experience Design

by Alice Swan Jun 26th, 2019 EC Inside Tech Talks Technology

Do you think you’d be able to explain User Experience (UX) Design and how it fits into the application development cycle? You may be interested to know that UX Design covers the entire cycle, including aspects of branding, design, usability, and function.

On Tuesday June 25th, Autumn Richardson, one of Evans & Chambers’ User Experience Designers on the DID(it) team at USCIS, held a Tech Talk for the company, explaining what user experience design is and what is considered to be a well-designed application.

In addition, Autumn explored how to incorporate users’ needs into each feature to improve workflow and used examples from an application she is currently designing that helps asylum officers maximize their time to reduce interview backlogs. In a busy and fast-paced world, efficiency is more important than ever. UX Design allows us to create products with meaningful and relevant experiences to users that help them concentrate more on what is necessary to fulfill their goals for the day.


20190715_113812
    20190715_114111    20190715_113952

About the EC Tech Talk Series

The Tech Talk Series is an employee-led platform dedicated to EC’s core value of continual learning. These talks aim to cover a broad range of technology-based topics to promote the sharing of best practices and ideas across EC’s project teams.