DevSecOps Design and Implementation

Global Digital Security and Identification Leader

Case Study – Global Digital Security and Identification Leader



Our clients application landscape relies heavily on a lot of legacy code that has been around for almost 30 years. The main crown jewel application is built with a legacy assembly language, and it is in the form of a thick client which is built and managed by developers at their local workstations. To build and package the artifacts developers need to run lot of manual steps in various environments. Moreover, version control is also not enforced, allowing developers to commit code at their own discretion, this will result in potential new problems and flaws not being found before to significant production releases. When an organisation ends up supporting numerous version control systems, this problem is frequently made worse. The delivery pipeline is slow-moving as it was established during the waterfall days but now it has become outdated for agile ways of working.  Our client has started a transformation journey that leverage more efficient practices and automation to speed up the software delivery lifecycle and ship the releases more frequently to their clients.


Lack of Effective Version Control management: Application code is managed at developer’s local workstation without any proper version control and branching.

Missing DevOps and CI/CD Practices: The manual delivery process contained many steps, introducing opportunities for human error, ultimately leading to non-repeatable and inconsistent releases.

Cumbersome Artifact Versioning: No defined versioning in place. Artifacts/build packages are versioned base on the file managed by the developer at local workstation and shared between the teams/customers manually.

Outdated Environment: Build process involves many outdated dependencies which makes the application at risk with high technical debt

Our Solution:

TLConsulting professional services team is provided the solution, that laid the foundations for the DevSecOps practices, and to support a more streamlined model with a strong focus on automation. 


Established the DevSecOps practices, processes, and tools in to support a more streamlined model with a strong focus on automation. 


Established workflows and strategies required for continuous integration. 


High level solution design and approach for the future state DevSecOps process.


Build efficient pipelines for source code build, integration, and versioning using Azure DevOps. 


Established a Git branching strategy to support parallel development and product releases.


Established a dependency management pattern which is resolved and triggered downstream with upwards of 15x other product changes and be able to deal with complex versioning. 

Key Outcomes:


Enabled the organization in transformation towards Agile DevOps way of working by increasing competitive advantage and improved efficiency.


Reduced manual intervention, adopted a DevOps culture, and integrated CI/CD into the delivery paradigm.


Faster feedback loops with the automation test suites and deployment actions.


Established a branch approval procedure with required automated inspections and an Azure DevOps artifact to improve binaries and release management


Optimized delivery model with 100% automation that reduced human error and improved overall efficiency

Uplift your DevSecOps capability today


Contact Us