Case Studies

VioPoint Qualys Data Warehouse


Business Needs

VioPoint and their clients needed security solutions to handle multiple points of security standards. Their preexisting applications were in need of being updated, and new processes needed to be built to handle growth and customer needs. VioPoint needed reports that complied with required client standards based on government regulation, reduced the number of vulnerabilities in their systems, and could be used to create a baseline to compare data. They also needed PowerShell utility use cases to produce data based on specific criteria, which would then be updated and create a graphic representation of the report for the user. Different solutions were needed based on security vulnerabilities and scanning times.

Company Information

For more than 9 years, VioPoint has been helping organizations effectively manage the challenges of protecting critical business data. They understand the value of delivering results and each of their core offerings (testing, compliance, vulnerability management, and monitoring) are focused on this simple goal.   VioPoint’s experience transcends a broad range of clients that include leading industry segments.

Organizations work with VioPoint because they want to accelerate security program performance and establish a foundation for continued success.  If you are struggling to quantify results and faced with the all too common challenge of selling silence, VioPoint can help.

General Problem Description

VioPoint had a client needed to resolve multiple issues at once. They wanted to be able to feed their internal dashboard for live reporting of current data, while at the same time have a backup of their cloud Qualys/Kenna data.

Solution

Spud Software created a Windows service and a front end application (WPF app) that communicates via a Web API service. We built the functionality to pull data from Qualys and Kenna, and the Kenna data imported and merged with the Qualys data. The front end application sets up all of the settings for the applications, and communicates via a web service which has a self-hosted Web API service within it. The Windows service also has a self-hosted SignalR service. The user can manually start the process to download data through the SignalR service, whose communication channel was carefully designed for UX and responsiveness. The project included a SQL scripts, created to handle 11 different use cases that VioPoint’s clients needed. The scripts were given to VioPoint’s clients dashboard team in order to put it into their internal dashboard.


Technical Details

The front end application is a Windows Presentation Foundation (WPF)application which communicated with the windows service in one of two ways, Web API or SignalR. Web API was used in order to create, read, update, or delete functions and windows service settings. SignalR was used to run a function outside of its scheduled runtime.


The Windows service handled the running of the functions, while Qualys functions would download all current data from the Qualys cloud and import the information into a temp table in the database. The data would then be prepared for the merge and merged into the rest of the data. Kenna functions would download all current Kenna data and store it in a temp table before merging the data into the correct Qualys Asset record. The Purge Data function cleaned out all of the data in the data warehouse based on company policies.

Spud Software, Inc. BBB Business Review