Read Aloud the Text Content

This audio was created by Woord's Text to Speech service by content creators from all around the world.

Text Content or SSML code:

Hello Everyone, We are from BRET application team and here to take you through what application does on a daily basis. BRET stands for Bid risk evaluation tool and it acts as a guardian for bids created by business partners on behalf of government owned entity customers It performs automated analysis to check if it contains terms and conditions which might be construed as potential violations of provision of federal law and regulations to secure favorable action on behalf of Government owned entity customers Journey of BRET started way back in 2014 developed by chief analytics office and transitioned to Philippines team in 2015 and later transitioned to us in 2019. Number of bids handled by our application has increased significantly as we enabled different Geographies over last few years after taking over from Philippines team This image shows the countries that are supported by BRET application across the world. countries are highlighted with a different colors for each Geographies Users of BREt are distributed globally and they are from CoC Centre of Competency under TCO Trust and Compliance Organization who evaluates focus bids and decides if they are good to proceed next or not BRET application is interfaced with various data sources and acts as both upstream and downstream partners for various applications within CIO organization This image shows how BREt is interfaced with each application teams with different technologies usage This image tells about the list of tools used in BREt application Sonar qube is used for analyzing code and vulnerabilities Sonarlint to find security issue and bugs in the code We use Appscan on cloud for static(SAST) and dynamic(DAST)security testing In order to find open source vulnerabilities we use whitesource In order to comply with CIO strategic goals we performed application modernization by migrating old monolithic architecture from websphere to cirrus hybrid cloud platform by adapting micro services architecture Migrated legacy IIB code towards a microservice application in cirrus bybrid cloud and transformed to a ETL datastage job We implemented a CI/CD pipeline with a authorized usage of source code with release and environment aligned in github we make use of docker to perform unit test and security check on every build in non prod environment it automatically handles failing build during test failure and deploying application during success we are also in process of implementing multiple bid stages as a package As part of security and compliance we make use of tools such as SonarQube, WhiteSource on Github and ASoC for SAST and DAST. we use Cirrus in-build tool "Clair" that scans for vulnerabilities on containerized Docker images to fix security flaw in minimal time. In order to have secure authentication and authorization of users we are using Spring boot security feature API-Gateway Session variables are used to avoid URL tampering and cause security risks while using a query parameters For storage we make use of cloud object storage to store project related local files We are using GSLB load balancing cirrus feature for high availability of application and disaster rcovery Dynatrace is integrated with our application to monitor performance and failure LogDna helps us to track packaging logs from all microservices We have a separate dashboard monitored by our LCM team on the scheduled jobs processed within application Modernizing an application has helped us in achieving lot of things 70% page load time has improved compared to our old legacy architecture It is now compliance with all standards and secured highly We had lot of innovations along with development work during modernization we are making Usage of latest modern technologies upskilling of team members with latest industry standard skills available in the market