Case logo Web app for data collection terminals Honeywell

  • Client:
    Honeywell, USA
  • Request:
    To create a web application (UI) and API to interact with a threat intelligence exchange terminal.
  • Result:
    A well-developed, user-friendly interface with good usability properties, intuitively clear to users.
  • Technologies:
    • AngularJS
    • TypeScript
    • .NET
    • ASP.NET Core Identity
    • C#
    • NSubstitute
    • Karma
    • Jasmine
    • EF Core
    • NUnit
    • MS SQL

Challenge

We cooperated with Honeywell – a USA-based company that specializes in cybersecurity and developing tools for exchanging information about security threats.

The company produces a unique device – a terminal that encrypts digital files stored on employees' USB flash drives. USB flash drives can store confidential information which could be anything from a company’s financial records to personal information. Such sensitive information must be kept secure from theft and vulnerability. Therefore these terminals were to be build to address the issues of data safety.

The customer chose Cogniteq due to our extensive experience in cybersecurity and frontend development coupled with expertise in Microsoft technologies (.NET). Our experts successfully passed several interview rounds to be entrusted with the work on the client's terminals.

The main challenge was to create a web application (UI) and API to interact with a threat intelligence exchange tool giving access and management of the information .

Solution

Our team implemented solutions from scratch for both the frontend and backend parts of the web application interface (UI + API for Events solution). Users from different organizations have the possibility to track statistics and export information from different terminals.

  • The principal app functionality
    The web application analyzes data contained in the database and calculates statistics that are displayed to the user.
  • Classification categories
    The solution data is divided into organization, open drives, total drives, total files, blocked files, and total gateways (terminals).
  • Events option
    Administrators or managers can create Events, define severity, and manage the status of the Events. Closed Event options are turned off by default. All open Events for all Organizations the user belongs to are displayed by default.
  • Why the API is used
    The web application employs API to interact with the database comprising info from the terminals installed at the entrances to the enterprise premises. The terminals check the data saved on portable flash storage devices (USB drives) for threats and encode the the information to be used inside the office area.
  • What the Events are for
    The development team has implemented a separate API  for the functionality of creating Events for detected data security threats. The Event includes:
    • Organization name
    • Event ID
    • Summary (concise description of the threat found indicating the number of the session)
    • Assigned User
    • Severity status assigned by the system
    • Last updates
    • Status (New, Open, Closed) showing the state the Event is worked on
  • The web application provides
    • Two-factor authentication with the e-mail sent to verify access to the account.
    • Role-based access within the web application: admin, manager, the user.
    • Independent API for Events functionality / creating Events for the threads detected.
    • Reports export.

Result

  • Image
    The team has successfully implemented the required solution.
  • Image
    The admin panel provides a well-developed user-friendly interface that provides access to data management capabilities based on the user roles.
  • Image
    We met client expectations in terms of project results. We continue our cooperation with SLA agreement and other assignments.