Overview:
We developed and implemented a solution aimed to:
- Address security concerns by removing hardcoded sensitive data (like passwords, connection strings, and private key paths) from applications and securely storing them in CyberArk Vault. A CyberArk helper was integrated into 15+ applications to securely fetch credentials.
- Replace a 10-year-old, undocumented PowerShell script used for file transfers with the modern GoAnywhere MFT (Managed File Transfer) tool. This allowed for better automation, monitoring, and logging of file upload/download operations.
- Upgrade applications from outdated .NET versions to the latest framework, resolving compatibility issues, improving performance, and addressing security vulnerabilities.
Business Challenge:
The client faced several challenges across their application ecosystem and audit readiness:
- Lack of proper logging made it difficult to troubleshoot issues, especially in production environments.
- Security risks due to hardcoded credentials in plain text within application code.
- Missing notifications led to stakeholders being unaware of file operation statuses (success/failure).
- Outdated File Transfer PowerShell Script had no documentation and limited knowledge among current team members, risking operational transparency. Additionally, having a single script handle multiple operations created a single point of failure.
- No technical documentation existed for several key components or workflows.
- Legacy .NET applications suffered from performance and security issues due to outdated packages and dependencies.
Our Solution:
- Implemented centralized logging across all applications, improving traceability and making issue resolution faster and more efficient.
- Integrated CyberArk Vault to securely manage all sensitive credentials, removing them from source code and reducing risk.
- Enabled email notifications for critical operations such as file uploads/downloads and data insertions, ensuring stakeholders stay informed of system status.
- Replaced File Transfer PowerShell Script with GoAnywhere, offering better file transfer automation, visibility, and auditing capabilities. File operations were also separated into individual jobs within GoAnywhere to reduce risk and improve manageability.
- Created and maintained documentation in Confluence for all key processes including script breakdowns, application workflows, server paths, and GoAnywhere integrations. Multiple solution approaches were also documented to support decision-making.
- Upgraded applications to a modern .NET version (.NET 8), solving compatibility and performance issues while unlocking new framework benefits.
Technologies Employed:
- CyberArk Vault (for securely storing credentials like passwords and connection strings)
- GoAnywhere MFT (Managed File Transfer tool)
- MySQL Database
- PuTTYgen Tool (tool for generating SSH keys)
- C# and VB.NET
- Azure Cloud Services
- .NET Core
The Outcome:
- Improved system and application performance across 15+ applications
- Easier issue tracking and faster resolution through enhanced logging
- Strengthened security by removing hardcoded sensitive data and integrating CyberArk Vault
- Streamlined file operations with reliable monitoring, automation, and notifications
- Ensured audit readiness and team knowledge with detailed documentation
