Web app for data collection terminals Honeywell
Request:To create a web application (UI) and API to interact with a threat intelligence exchange terminal.
Result:A well-developed, user-friendly interface with good usability properties, intuitively clear to users.
- ASP.NET Core Identity
- EF Core
- MS SQL
We cooperated with Honeywell – a USA-based company that specializes in cybersecurity and developing tools for exchanging information about security threats.
The customer chose Cogniteq due to our extensive experience in cybersecurity and frontend development coupled with expertise in Microsoft technologies (.NET). Our experts successfully passed several interview rounds to be entrusted with the work on the client's terminals.
The main challenge was to create a web application (UI) and API to interact with a threat intelligence exchange tool giving access and management of the information .
Our team implemented solutions from scratch for both the frontend and backend parts of the web application interface (UI + API for Events solution). Users from different organizations have the possibility to track statistics and export information from different terminals.
The principal app functionalityThe web application analyzes data contained in the database and calculates statistics that are displayed to the user.
Classification categoriesThe solution data is divided into organization, open drives, total drives, total files, blocked files, and total gateways (terminals).
Events optionAdministrators or managers can create Events, define severity, and manage the status of the Events. Closed Event options are turned off by default. All open Events for all Organizations the user belongs to are displayed by default.
Why the API is usedThe web application employs API to interact with the database comprising info from the terminals installed at the entrances to the enterprise premises. The terminals check the data saved on portable flash storage devices (USB drives) for threats and encode the the information to be used inside the office area.
What the Events are forThe development team has implemented a separate API for the functionality of creating Events for detected data security threats. The Event includes:
- Organization name
- Event ID
- Summary (concise description of the threat found indicating the number of the session)
- Assigned User
- Severity status assigned by the system
- Last updates
- Status (New, Open, Closed) showing the state the Event is worked on
The web application provides
- Two-factor authentication with the e-mail sent to verify access to the account.
- Role-based access within the web application: admin, manager, the user.
- Independent API for Events functionality / creating Events for the threads detected.
- Reports export.
The team has successfully implemented the required solution.
The admin panel provides a well-developed user-friendly interface that provides access to data management capabilities based on the user roles.
We met client expectations in terms of project results. We continue our cooperation with SLA agreement and other assignments.