Implemented DevSecOps for a Mauritian Bank to Streamline Release Management Processes

About Client

The client is a prominent full-service commercial bank based in Mauritius and primarily serve retail, corporate, private, and international customers.

Business Requirement

The client relied on Temenos Infinity – a digital platform – to process customer interactions and daily transactions. The client wanted to implement DevSecOps Framework and the CI/CD pipeline for Temenos Infinity.

CCS Solution

CCS Engineers implemented the DevSecOps pipeline in 2 phases – discovery and implementation. In the discovery phase, CCS gathered data from the client’s vendors and their IT and Security teams in order to define the DevOps framework.

Post the discovery phase, CCS designed and implemented a branching strategy and set up naming conventions for the source code management. After this, multiple security testing, dependency checks and code consistency checks were carried out. Code quality was checked by means of an open-source platform for continuous inspection. Conducted vulnerability assessment and penetration testing to evaluate the security of 2 web applications and a mobile app.

CCS successfully implemented the DevSecOps framework for the dev and ops teams to have their releases done in an agile fashion and without compromising security. Handed over the latest builds through the DevSecOps pipeline for the client to handle their business. iOS and Android versions of the applications were made available on App Store and Google Play, respectively.

Business Benefits

Future apps built on the Temenos Infinity platform will adhere to the same development and CI/CD structure, thus ensuring security and rapid releases.

Streamlined the release management process and increased delivery speed by 3x. Releases which would previously take 6 weeks, can now be accomplished in 2.

Reduced defect leakage into production with a checkpoint in the pre-production environment.

Automating the review process improved code coverage.