appsconsultant.com

appsconsultant.com
  • Home
  • About
      • About us

        Flexibility is the biggest selling point that we have over our larger rivals. We give our clients the freedom needed to thrive in today’s fast-paced business world, organisations say to us that they often see higher quality work from independent consultants like us, this reason is the primary motivator when choosing us over a big firm. This means that we have the same skills and experience as the big firms, with added freedom and flexibility to let us focus and resolve client requirements.

      • Latest news
        5 Reasons you should go with PWAs for your Web and Mobile Apps

         

        Are you creating an application and you need to decide whether to make it Web or a Native development.

        Will be covering Progressive Web Apps (PWAs) and 5 reasons why tyou should select PWAs for your web and mobile apps. 

        What are PWAs?

        In simple terms, they are applications that are built and live on the web but function like Native Applications. 

        Users spend a significant amount of more time on Native Apps than on the mobile Web. Think about it, do you open up a browser to use Google Maps on a mobile?

        5 Reasons you should go with PWAs for your Web & Mobile Apps

        1. Technology

        A survey by Stack Overflow suggests that JavaScript and HTML/CSS are the most commonly used programming language. These results influence the technology adoption by developers, and as a result, it is easier to find developers on the web track.

        PWAs reduce development costs and deliver faster. Using the same stack for Native and Web is a way to reuse code as much as possible. By sharing and managing your reusable components/modules in cloud component hubs, you are able to focus on composing apps instead of building from scratch for multiple technologies and platforms.

        2. Reliable Performance

        PWAs are fast, integrated, reliable, and engaging.  

        èFast: Users expect PWAs to load quickly. It is worth noting that users are more likely to abandon a site, and less likely to visit a site, with longer load time.

        èIntegrated: Users should be able to interact with PWAs the same way they interact with Apps. This includes having all the capabilities and hardware access that other Apps have, such as ApplePay or AndroidPay. 

        èReliable: Users do not expect the Web to work when offline, whereas App users expect Apps to work offline. PWAs are connectivity-independent and should work in areas of low connectivity or offline. 

        èEngaging: Using features like Web Push to keep the App up-to-date and push notifications to keep users engaged. 

        3. Provides Best User Experience using Service Workers

        Service Workers are often used in new web apps and can also be used in PWAs. Let us look at the main features Service Workers offers for PWAs.

        • Working Offline: With Service Workers, you can cache the application shell, and it will load instantly when the user visits back. These background operations allow improving the user experience of the application since the user won’t see any significant differences between online and offline modes. But the dynamic content will only be refreshed when there is a connection.
        • Background Sync: With Service Workers, the application is able to respond to critical requests once the connection is available. For example, if you send a message when you are offline, service worker will take care of that and complete that request when the connection is available.

        4. Native App Look and Feel

        Web Apps are easy to use, do not require installation, and they are multi-platform. On the other hand, Native Apps are easier to access on a device, load quickly, and have more hardware capabilities. 

        With Progressive Web Apps, you can get the best of both worlds. This is because PWAs have features such as push notifications and background syncing and are installable on a mobile devices.

        5. Enhance Security and Transparent Access to Device Capabilities

        PWA enforces transport layer security. Therefore, users' information will be encrypted during transmission, and data can only be decrypted using a private key stored on the server. For this reason, PWA website follow best security practices using HTTPS, and the installation of an SSL certificate in the server is done.

        Moreover, PWA does not interact with the device hardware without users’ permission. So, by requesting only necessary access to a user's device and using trusted JavaScript libraries which are kept up to date, the risk of malicious codes inside PWA becomes significantly lower.

        Advice for the next generation professionals entering the fourth industrial revolution

        As the new generation is graduating from university, and the fourth industrial revolution with the help of COVID19 changing the way we work and live.  

        10 tips for the next generation professionals

        1- Read more and Write more

        2- Practice public speaking

        3- Value friendships - keep your sense of humour

        4- Solve harder problems, dont take the easy route - find joy in the job

        5- Learn to collaborate

        6-Build professional relationship through great attitude

        7- Act know - be brave

        8- Emotional intelligence

        9- Think out/in/over/left/right of box - work hard and be ready for sudden changes

        10- Time management

        Have Fun ! It may seen simple, but a fun workplace is a happy workplace. Its important to not just let Gen Y employees have fun, but to have fun with them.

        Socializing with your staff can be the one of the best ways to build loyalty and collect feedback.

         

        Tips for online meetings - post COVID19 environment

        As online meetings grow in popularity post Covid19, there are challenges to adjust when compared to in-person meetings.

        Here are 4 tips:

        1- The energy in your voice can give clues to the message that you are sending.

        Are you delivering your point with confidence?

        Does your message sound positive or negative?

        How can you use your voice inflections to emphasise your point?

        What feeling is your tone of voice reflecting?

        2- Your choice of words and language in a meeting can sometimes persuade opinions to go in your favour or do the reverse. Be mindful when choosing your words and avoid language that makes assumptions or discriminates.

        3- Watch your online video body language

        Body language is just as important as verbal communication. It provides clues to your attitude and state of mind – be conscious of the message that you’re sending with your body language.

        Are you slouching in your chair?

        Are you using eye contact to include everyone?

        Are your arms crossed defensively?

        4- Always test your technology - audio, look at the camera usually light on top of screen not your screen or looking on the side. Use the video option when talking if possible.

        Were all in this together , stay safe , Be kind, Smile and most important, Enjoy each day!

         

         

         

      • What we offer

        Business & Technology Consulting

        We offer clients specialised consulting in areas that we deeply understand. Our services include:

        • - Skills To Envision, Design And Develop Enterprise Apps
        • - Talent For SaaS/PaaS/IaaS In The Cloud
        • - API Architecture
        • - Data Science Talent
        • - ALM deployments – Agile/Devops
        Read more
  • Services
  • Blog
  • Contact
  • Home | 
  • Blog | 
  • Reinforce application security developed on AWS/ Azure - Options

Reinforce application security developed on AWS/ Azure - Options

by Alex Antonatos
on 23 April 2019

Most corporations are adopting a DevSecOps approach - by maximising automation and trying to reduce manual intervention as much as possible.

In continuous delivery environment , most companies dont have the resources and probably not possible to have a team out of project to proceed with security test in a continuous delivery approach.

 

When looking for a solution , here are the requirements that you should focus on :

 

Detection of application code vulnerabilities:

  1. Cover the entire application
  2. Be able to set security rules
  3. Ability to perform incremental scans
  4. Acceptable false positive rate
  5. Detection must not impact application performance
  6. anonymization of the name of the applications for the vulnerabilities reported

Automation of detection:

  1.   Integration with Continuous delivery platforms (example: Concourse, Jenkins)
  2.   Build in case of discovery of vulnerabilities

Reporting:

  1.   Integrate with bug management tools
  2.   Raising indicators specific to each application in a portal

Dont build i think its a mistake, the market is moving towards solutions that are SaaS and most of these companies are building a blackbox type of security solution, buy a market solution and integrate it

here is a starter list:

1) Veracode https://www.veracode.com/

2) Checkmarx https://www.checkmarx.com/

3) IBM AppScan Entreprise https://www.ibm.com/security/solutions

4) Contrast Security Assess https://www.contrastsecurity.com/interactive-application-security-testing-iast 

 

 

 

 

 

 

 

 

 

 

Categories
  • Blogue (Francais)
  • Enterprise applications
2305 Rockland Rd Mount Royal, QC H3P 3E9
514-240-40907 Days a week from 9:00 am to 7:00 pm
alex@appsconsultant.com
appsconsultant.com © 2020. Privacy Policy
Login
 Facebook  Google

username / password