Leveraging improved efficiency and reduced costs while ensuring availability, cloud native development is a must for complex enterprise modernization projects. Modern cloud native architectures involve applications developed and deployed through cloud service providers such as AWS. These use services like AWS VPC, EC2, S3, Kinesis, DynamoDB, RDS, and others.

While utilizing cloud native architecture can provide impressive operational improvements, maintaining security and compliance standards using manual processes can quickly limit those outcomes. This is a common concern for our agency customers. Applications deployed in federal agencies obtain Authorization to Operate, an ATO. 

Getting an ATO involves categorizing the information system, then selecting, implementing, and assessing the controls. Risks are identified based on this assessment, and final authorization is provided to operate the system. In most cases, this process relies on manual tasks, like copying security control documentation into a  Governance, Risk, and Compliance (GRC) document, then manually updating this documentation on a regular basis. Continuous deployment of new workloads and features in an agile environment being a necessity, manual processes and massive documentation effort adds significant delays to the authorization process.

AWS DevOps and OSCAL Compliance for cATO and Zero Trust

One solution is the Open Security Controls Assessment Language (OSCAL). OSCAL is a set of formats expressed in XML, JSON, and YAML developed by NIST. These formats provide machine-readable representations of control catalogs, control baselines, system security plans, and assessment plans and results. Govready-q is an open source GRC platform for highly automated, user-friendly, self-service compliance assessments and documentation which supports OSCAL. AWS is the first cloud service provider to provide OSCAL formatted system security plan (SSP). Integrating a GRC tool like Goveread-q part of the DevSecOps toolchain and using OSCAL for documenting all the controls automates most aspects of the ATO process enables us to do continuous ATO (cATO) and alleviates the documentation burden and most manual processes associated with it.

Enabling DevOps with Karsun Solutions 

At Karsun, we promote the adoption of OSCAL for the documentation of security controls and use automated GRC tools like GovReady-q. When applications deploy on AWS, we can leverage OSCAL documentation created by AWS. This enables faster, more accurate authorization packages, decreases customers’ security documentation burden and reduces service authorization timelines.

Working with an experienced cloud solutions partner such as Karsun ensures you do not need to trade security for efficiency. In particular, we are an AWS Advanced Consulting Partner with both a Government Services Competency and a Migration Services Competency. Partner with our experts, modernize with cloud native architecture, and optimize both operations and security.

About the Author

Judewin Gabriel is a Subject Matter Expert and the DevSecOps Practice Lead at Karsun Solutions. An advocate for DevSecOps best practices, he drives Driving CI/CD, security engineering, SRE, pipelines, and observability excellence.

Karsun Solutions is an AWS Advanced Consulting Partner. After more than a decade of delivering complex cloud solutions, we are experts in optimizing outcomes for our government agency customers. Not only do we deliver superior solutions, but our Karsun Innovation Center (KIC) in-house research and development team constantly experiments, prototypes and validates technology to ensure the implementation of best practices.

We previously shared one way our KIC brings the latest technologies to our teams, leveraging our AWS partnership to enhance Karsun’s proprietary GoLean platform. In the last five years, Karsun continued to expand our toolkit offerings. Through our technology partners, like AWS, our toolkits allow our teams to jumpstart new projects with readymade resources based on best practices.

GoLean Grows Up

As DevOps matured, so too did our approach. The GoLean platform grew and matured alongside it. 

“DevSecOps is a natural evolution of DevOps,” explains Badri Sriraman, Senior Vice President of the Karsun Innovation Center. “In the same way continuous deployment ensures improved functionally for the user, DevSecOps ensures a hardened security infrastructure is implemented for the successful operation of software in production.”

Our GoLean platform not only includes a robust lean measurement toolkit but also incorporates metrics and automates processes to accelerate the adoption of DevSecOps best practices. Our continuous delivery framework enables DevSecOps teams to decouple a feature deployment from its release so that Developers can self-manage the feature, test it in production and incrementally roll it out to users after validation of its operational performance in a shadow data network. Utilizing a low-code open source data pipeline tool enables fine-tuned data synchronization between legacy and modernized components. Additionally, our Duke Test Automation Framework supports continuous testing at scale.

Karsun Adds Cloud Runways

In addition to GoLean, Cloud Runways built on AWS or other cloud services now provide enhancements to our DevSecOps solutions. The toolkits allow teams to not only migrate legacy applications to the cloud but fully optimize them for DevSecOps. The Replatform Runway introduces DevSecOps automation using Terraform, Ansible, and Packer for Windows containers while migrating Windows apps into AWS ECS or Redhat OpenShift.

In addition to the Replatform Runways, we created nine robust runway toolkits based on best practices. This includes extensive experience delivering on AWS. We achieved both an AWS Government Competency and an AWS Migration Competency, validating our ongoing commitment to delivery excellence. A public sector partner, we are committed to helping agencies modernize to meet their mission.

As modernization requirements evolve, so too has our modernization suite. Karsun’s GoLean platform continuously adapts to the latest security and development approaches. Simultaneously we strengthened and enhanced our migration offering via Cloud Runways to optimize for DevSecOps adoption. Ongoing research and development into automation, CI/CD and DevSecOps are one of many ways Karsun ensures our architecture is built to last.

Whether using as a Platform-as-a-Service, such as Docker, or orchestration through a tool like Kubernetes, the race is on for containerized solutions. In October 2021, the General Services Administration released its Containerization Readiness Guide. Containerized software solutions allow agencies to develop applications rapidly, scale quickly and optimize compute resources. The need is especially pressing for legacy applications which must also remain secure as they modernize. 

Creating Dockerfiles for Containerization

When we think of containerization, the first step is to create a Dockerfile for each application. While the Dockerfile provides flexibility to build an image that is only limited by your ability to script, it also adds overhead on developers to ensure the accuracy, efficiency and security of these images. For example, the developers must ensure that the Dockerfiles are as small as possible by removing any redundant dependencies that can increase the image size, which increases the build time. They must also confirm the files don’t contain any secrets or config keys. Additionally, they should verify that the base image comes from a secure source while actively scanning the images for new security vulnerabilities. If the image contains vulnerabilities that can spread to all containers that use the vulnerable image. Without proper planning and oversight, things can quickly get messy.

Benefits of using Buildpacks over Dockerfiles

Buildpacks allow you to convert application code into a secure, efficient and production ready container image without the need to create a Dockerfile for each application. It examines applications written in Java, .NET, Python and many other languages to determine all the dependencies it needs and then configures them appropriately to run on any cloud. Buildpacks also offer the capability to swap out OS layers without rebuilding an image. This reduces build time by eliminating the need to recreate all the layers when the base image is updated.

Using Tekton for creating CI Pipelines 

Tekton is a cloud-native solution for building CI/CD pipelines. Unlike Jenkins, Tekton was designed to work natively on Kubernetes and incorporates AWS EKS best practices by default. It installs and runs as an extension on a Kubernetes cluster and provides a set of open source Kubernetes resources to build and run CI/CD pipelines, such as parameterized tasks and pipelines. Just like Jenkins uses plugins to extend its capabilities, Tekton has Tekton Hub – a catalog of predefined tasks, you can create custom tasks and scripts to extend the capabilities of these tasks if you can’t find a task that precisely matches your requirements. Tekton’s modularity allows for componentization, standardization and reusability within the CI/CD workflow. Buildpacks project provides tasks that Tekton can leverage to build and deploy applications.

Additionally, Tekton also provides support for Windows containers and an ability to run Linux-only, Windows-only as well as hybrid workflows. Installing Tekton on an EKS cluster means EKS automatically manages the availability and scalability of the Kubernetes control plane nodes responsible for scheduling containers, managing application availability, storing cluster data, and other key tasks. In addition, it allowed us to take advantage of all the performance, scale, reliability, and availability of AWS infrastructure, as well as integrations with AWS networking and security services, such as application load balancers (ALBs) for load distribution, AWS Identity and Access Management (IAM) integration with role-based access control (RBAC), and AWS Virtual Private Cloud (VPC) support for pod networking.

Conclusion

In summary, integrating Tekton with Buildpacks allowed us to containerize applications easily and securely and create an end-to-end CI/CD pipeline with reusable components. Using Tekton and buildpacks we were able to containerize more than 20 .NET applications and move them to the cloud in less than six months. This initiative will reduce the technical debt by reducing application maintenance costs by 50% and increasing technical compliance score by 35% in the next two years. 

About the Author

Prerak Patel is DevOps Engineer from the Karsun Solutions DevSecOps Practice. This practice is responsible for driving CI/CD, security engineering, SRE, pipelines and observability excellence at Karsun.

As the Great Resignation gives way to the Great Return, 4.2% of employees returned to a former employer, per Bloomberg. That story lists culture, stability, and colleagues among the reasons team members return. While this is great news for people looking for a career that best suits their needs, it is also great news for employers.

An Opportunity for Employers

A recent Comparably Insider blog post included some of the employers actively seeking these boomerang employees. Among them, Karsun Solutions. Our teams are made up of collaborators, innovators, and experts who deliver what’s possible for government agencies. And since the start of the pandemic, 18 employees have returned to Team Karsun! Already empowered to Do Extraordinary, returning team members are familiar with our collaborative culture, innovative spirit and opportunities for growth.

In particular, they are likely connected with one of our five Practice Areas hosted by our Innovation Center. These employee-centered teams, headed by a practice advocate, plan training and professional development opportunities, sponsor talks by industry experts, connect teams to prototyping and innovation resources and maintain libraries with toolkits supporting best practices. Coming into Karsun aware of these resources creates an added synergy and helps us build greater technology solutions together.

Connecting and Growing Together

Many of these team members stay connected through their managers and leaders who are personally invested in their growth and development. Karsun invests in the professional development and growth of every team member. We embrace a career journey mindset and understand some of our team may leave us to pursue their next opportunity.

Nevertheless, when former employees start a new path, we stay connected. Social media aids in this connection. This pattern is not uncommon, as Fast Company notes a survey of 5,000 US and UK employees found that 75% of respondents were interested in maintaining contact with their previous employer after resigning.

At Karsun, this is often through the same professional development organizations we supported when they were a team member. We are a longtime supporter of industry development programs like those offered through the American Council for Technology and Industry Advisory Council (ACT-IAC). Many team members also participate in Meetups allowing them to maintain a connection with their colleagues regardless of organization.

Later, when these former teammates seek a career change, they reconnect with current Karsun team members and previous colleagues. Given the opportunity to our teams, we frequently welcome these returning employees. Whether following the Great Resignation or as a result of a different change in career, we find new and exciting possibilities to Do Extraordinary once our boomerang team members return.

Rejoin Our Team or Start Your Next Adventure

Karsun is actively hiring former and new team members to fill remote positions for teams supporting agency missions across the federal government. Recognized for culture and innovation, this is a fantastic opportunity to join an organization with over a decade of continuous growth. Open roles range from Full Stack Developer to Data Architect. Apply today at KarsunCareers.com.

About Karsun Solutions

Karsun Solutions modernizes enterprise systems enabling agencies to make the next technological advancement their next opportunity to elevate mission capability. IT solutions from Karsun are tailored to meet agencies’ unique needs and optimize operations. These solutions adapt and stay relevant to current trends while using secure, digital architecture built to last. It is a proven modernization partner whose expertise elevates agency capabilities and ensures every next opportunity is within reach.

Every year the Karsun Innovation Center (KIC) hosts a new Summer Intern class for college students in their junior year. Mentored by KIC practice advocates, they work alongside delivery teams prototyping solutions for real-life initiatives developed by Karsun. This year we introduced a new Student Intern class. Composed of exceptional high school and college students, these internship participants completed a series of technical challenges over a ten-week program. Additionally, each Student Intern selected an emerging technology topic to research throughout their time at Karsun.

Exploring Technology in Government

This new internship invited STEM students to explore different modern software development, cloud and data solutions implementations. Working in pairs, The ten-week session opened with a challenge designed to help students think about how the federal government uses technology. In this code-a-thon, students built a web application with the potential to solve a common government technical problem.

Applying Machine Learning

Similar to the Summer Interns working on the synthetic data portal, the Student Interns also had an opportunity to work on ML/AI-related work as part of their internships. In that technology challenge, students trained machine learning models to identify images of collapsed lungs. Working alongside Innovation Center experts is a key benefit of our intern programs.

Bringing It Together

The student interns wrapped up their session with a research paper. They selected from a list of topics ranging from robotic process automation (RPA) to digital twins. They explored beyond the industries where Karsun performs work to understand how these tools are implemented in exciting ways across the government.

The student interns also worked with mentors throughout the program. The mentor to each student is a graduate from a previous intern cohort and a current Karsun employee. Just as we are excited to see the careers pursued by our graduating Summer Interns, we are also excited to see what the future holds for these emerging STEM experts.

About the Karsun Innovation Center Internship Programs

The Karsun Innovation Center hosts an annual summer internship program for computer science or equivalent students, typically in their junior year of college. Occasionally, internship opportunities are available for recent graduates. In 2022, the center added a Student Internship cohort to support exceptional high school and early college students. Information on current internship openings is available at KarsunCareers.com.

Every summer Karsun embeds interns in our Innovation Center to work alongside our technology experts, prototyping solutions to support our customers. 2022 Intern Akhilesh Varanasi used synthetic data to address a common privacy concern, personally identifiable information (PII.) Using synthetic data, an artificial set of data is created to perform ML/AI work preventing exposure of sensitive PII. In the interview below, Akhilesh describes his experience in the Karsun Innovation Center and his synthetic data internship project.

First, please tell us about yourself. Where are you going to school? What are you studying? What do you like to do in your free time?

Hi all! My name is Akhilesh Varanasi. I’m currently a rising junior at the University of Washington in Seattle, where I’m a double major in Computer Science and Astronomy. In my free time, I like reading and playing basketball.

Could you share a little bit about the project you worked on as part of this internship? What challenges does it solve? What technologies and tools are you using?

For most of my internship, I worked on the Synthetic Data project. The purpose of this project was to create PII anonymized ‘fake’ data for Machine Learning/Artificial Intelligence use cases. I mostly worked with Python, the Synthetic Data Vault libraries, and graphing frameworks like matplotlib. My main tasks were to create accurate Synthetic Data models and to find generic ways to graphically represent all forms of tabular data. I also worked with AWS Lambda and the AWS CLI to run tests.

What is your favorite part about working with the Karsun Innovation Center? Is there a weekly meeting or ritual you enjoy? The opportunity to learn more or get a new certification?

My favorite parts of working at the Karsun Innovation Center were the input I had in the development process and the team I worked with. I always felt like my opinion was respected at meetings, even in a room full of people that were far more experienced than me. I also had a great time working with the team, everyone was so willing to help each other and it felt like a comfortable, collaborative environment.

What is the biggest takeaway from your experience as an intern at Karsun?

My biggest takeaway from my experience at Karsun is that taking initiative is important. To be a valuable part of a team I have to research topics by myself and come up with goals to structure my approach to a problem.

Akhilesh was mentored by Srikanth Devarajan, Director, Karsun Innovation Center Data Practice.

Every summer Karsun embeds interns in our Innovation Center to work alongside our technology experts, prototyping solutions to support our customers. 2022 Intern Akhilesh Varanasi used synthetic data to address a common privacy concern, personally identifiable information (PII.) Using synthetic data, an artificial set of data is created to perform ML/AI work preventing exposure of sensitive PII. In the interview below, Akhilesh describes his experience in the Karsun Innovation Center and his synthetic data internship project.

First, please tell us about yourself. Where are you going to school? What are you studying? What do you like to do in your free time?

Hi all! My name is Akhilesh Varanasi. I’m currently a rising junior at the University of Washington in Seattle, where I’m a double major in Computer Science and Astronomy. In my free time, I like reading and playing basketball.

Could you share a little bit about the project you worked on as part of this internship? What challenges does it solve? What technologies and tools are you using?

For most of my internship, I worked on the Synthetic Data project. The purpose of this project was to create PII anonymized ‘fake’ data for Machine Learning/Artificial Intelligence use cases. I mostly worked with Python, the Synthetic Data Vault libraries, and graphing frameworks like matplotlib. My main tasks were to create accurate Synthetic Data models and to find generic ways to graphically represent all forms of tabular data. I also worked with AWS Lambda and the AWS CLI to run tests.

What is your favorite part about working with the Karsun Innovation Center? Is there a weekly meeting or ritual you enjoy? The opportunity to learn more or get a new certification?

My favorite parts of working at the Karsun Innovation Center were the input I had in the development process and the team I worked with. I always felt like my opinion was respected at meetings, even in a room full of people that were far more experienced than me. I also had a great time working with the team, everyone was so willing to help each other and it felt like a comfortable, collaborative environment.

What is the biggest takeaway from your experience as an intern at Karsun?

My biggest takeaway from my experience at Karsun is that taking initiative is important. To be a valuable part of a team I have to research topics by myself and come up with goals to structure my approach to a problem.

Akhilesh was mentored by Srikanth Devarajan, Director, Karsun Innovation Center Data Practice.

Every summer Karsun embeds interns in our Innovation Center to work alongside our technology experts, prototyping solutions to support our customers. 2022 Intern Akhilesh Varanasi used synthetic data to address a common privacy concern, personally identifiable information (PII.) Using synthetic data, an artificial set of data is created to perform ML/AI work preventing exposure of sensitive PII. In the interview below, Akhilesh describes his experience in the Karsun Innovation Center and his synthetic data internship project.

First, please tell us about yourself. Where are you going to school? What are you studying? What do you like to do in your free time?

Hi all! My name is Akhilesh Varanasi. I’m currently a rising junior at the University of Washington in Seattle, where I’m a double major in Computer Science and Astronomy. In my free time, I like reading and playing basketball.

Could you share a little bit about the project you worked on as part of this internship? What challenges does it solve? What technologies and tools are you using?

For most of my internship, I worked on the Synthetic Data project. The purpose of this project was to create PII anonymized ‘fake’ data for Machine Learning/Artificial Intelligence use cases. I mostly worked with Python, the Synthetic Data Vault libraries, and graphing frameworks like matplotlib. My main tasks were to create accurate Synthetic Data models and to find generic ways to graphically represent all forms of tabular data. I also worked with AWS Lambda and the AWS CLI to run tests.

What is your favorite part about working with the Karsun Innovation Center? Is there a weekly meeting or ritual you enjoy? The opportunity to learn more or get a new certification?

My favorite parts of working at the Karsun Innovation Center were the input I had in the development process and the team I worked with. I always felt like my opinion was respected at meetings, even in a room full of people that were far more experienced than me. I also had a great time working with the team, everyone was so willing to help each other and it felt like a comfortable, collaborative environment.

What is the biggest takeaway from your experience as an intern at Karsun?

My biggest takeaway from my experience at Karsun is that taking initiative is important. To be a valuable part of a team I have to research topics by myself and come up with goals to structure my approach to a problem.

Akhilesh was mentored by Srikanth Devarajan, Director, Karsun Innovation Center Data Practice.

Recently awarded Best Company Washington, D.C. 2022 by the employee rating site Comparably, we are hiring nationwide for remote roles.  Headquartered in Herndon, Virginia our modern software development, cloud and data solutions teams are repeatedly recognized for culture. In 2021 we won both Comparably’s Best Company Culture (a nationwide ranking!) and Top Workplaces USA’s Top Workplace Technology.

Best Company Outlook Best Company in Washington DC Now Hiring Developers, DevSecOps, Business Analysts, Data Engineers, Leads, Technical Architects, SDET and Test Automation Engineers

A seven-time Inc. 5000 honoree we are also one of the fastest-growing companies in the country. We want you to be part of that growth!  Our remote roles range from Architect to Software Developer in Test.

New Karsun team members not only join a rapidly scaling technology company, they also become enterprise modernization experts through resources provided by our Karsun Innovation Center. Every team member has access to emerging technology developed through our in-house research and development team in addition to workshops, brown bags and certification programs through our Karsun Academy professional development program. The Innovation Center also hosts dedicated practice advocates through our Data, Development, DevSecOps, Lean and Solution Practice Areas.

Join the 400+ experts that Do Extraordinary for government customers at agencies including FEMA, FAA and GSA. Apply for one of our 40+ open positions at KarsunCareers.com. No time to search? Check out our hottest jobs below!

  • Developer (Front End, Full Stack, .NET, Drupal, ETL, Java/Webservices)
  • DevOps/DevSecOps
  • Business Analyst
  • Data Engineer
  • Lead Solution Architect
  • UI/UX Lead
  • Development Lead
  • Technical Architect – Mulesoft
  • Software Developer in Test
  • Test Automation Engineer

About Karsun Solutions

Transform your career with the company transforming possible for the government. Join the workplace where the only limit to your potential is the limit of your curiosity. Thrive in a community that empowers software development, cloud and data experts. At Karsun, explore every possibility and turn your bold ideas into reality. Expand your career potential with dynamic development resources like Karsun Academy and sponsored technical certification courses. And joining a growing enterprise means as we grow, so do your career opportunities. Take your career to the next level and play your part in powering new possibilities for federal agencies. Join us at KarsunCareers.com.

In a recent FedScoop interview, Data Practice Director Shaunak Ashtaputre discussed accelerating innovation through data-led migration. Leveraging AWS, his team found they were no longer required to prioritize the quickest migration time. Instead, using a data-led approach, they focused on maximizing data value while minimizing the time to transform that data.

In the interview, he recalls a recent data platform modernization project. Addressing mismatched tooling and services, Karsun added capabilities as part of the data-led migration process. This included enhancing the centralized data lake, consolidating data through newly created pipelines and establishing quality baselines. Using automated data recipes, the new platform reduced the time to prepare data. This reduced the lead time from weeks to hours. While improving data latency, the team also transformed the process from a batch approach to a fully integrated analytics platform with transparent lineage, models and recipes. The solution was end to end, from ingest to dashboard.

Optimizing with Cloud Runways

Key to the team’s success was Cloud Runways, Karsun’s answer to complex data-led migration modernization projects. These toolkits accelerate cloud migration through fit-to-purpose transformation playbooks. These enable incremental migrations which adapt to unique customer requirements and constraints.

Karsun begins by building a holistic view by determining the agency’s intended approach to the cloud and data ecosystem. Using a Data-Led Migration Runway, the team assesses the existing integration landscape and identifies future needs. This includes understanding the needs of the analytics users of that data. Next, the team uses Karsun’s proprietary multi-criteria decision support framework to perform a robust assessment of available solution providers. These include vital characteristics such as interoperability, flexibility, SLAs and security to optimize provider selection.

As an AWS Advanced Consulting Partner with a Migration Competency, its customers may also utilize Karsun’s access to AWS Migration Acceleration Program (MAP) resources. This program packages best practices, tools, expertise, financial incentives, and the AWS Partner Network (APN) to simplify cloud adoption. Supporting customers investigating migration solutions, these financial incentives subsidize the three key steps in the migration process (Assess, Mobilize, and Migrate and Modernize). When applicable, Karsun implements these financial incentives as part of its Cloud Runways toolkit.

For those new to complex data migration projects, the Karsun Innovation Center also offers Immersion Days. In these workshops, Karsun cloud experts introduce customers and colleagues to enhance their practice. Additional innovation initiatives are driven through employee-centric Solution, DevSecOps, Lean, Development and Data practice areas. To get started, visit Karsun’s AWS Data-Led Migration Solution.

About Karsun Solutions

Karsun Solutions is a fast-growing, innovative enterprise modernization firm. Recently awarded Best Company Culture by Comparably.com, its teams deliver modern software development, cloud, and data solutions to customers at government agencies including the Department of Homeland Security, Federal Aviation Administration and General Services Administration. Leveraging GoLean, Karsun teams drive digital transformation and help its government customers Do Extraordinary. Learn more at Karsun-LLC.com.