BES Atlassian Toolset Enhances Capabilities

  • Published
  • By David Riley

In April 2024, the Business and Enterprise Systems (BES) Atlassian Toolset (BAT), upgraded its metrics and monitoring capability by incorporating a front-end service called ELK Stack, also referred to as Elasticsearch, or Kibana.

ELK Stack provides the BAT with the ability to aggregate logs from all systems and applications, analyze these logs, and create visualizations for application and infrastructure monitoring.

This improvement also allows for faster troubleshooting and security analytics which will enhance BAT continuous monitoring in support of DoDI 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), and NIST SP 800-53r4, Security and Privacy Controls for Federal Information Systems and Organizations supporting the BAT’s Authorization to Operate (ATO).

Unlike an installment of a new plug-in to one of the BAT applications, users will not see a concrete advantage from incorporating ELK Stack. The implementation of ELK Stack within the BAT infrastructure does, however, bring benefits in the form of Security Information and Event Management (SIEM).

SIEM technology supports threat detection, compliance, and security incident management through the collection and analysis (both near real-time and historical) of security events, as well as a wide variety of other event and contextual data sources. The core capabilities are a broad scope of log event collection and management, the ability to analyze log events and other data across disparate sources, and operational capabilities, such as incident management, dashboards, and reporting.

SIEM technology supports the CyberSecurity principles of Confidentiality, Integrity, Availability, Non-repudiation, and Authentication (CIA). Users will have confidence that their information is not disclosed to entities unless they have been authorized to access the information; this is Confidentiality, and it minimizes the attack surface by minimizing the population that can access the information stored within the BAT. Users will know that the Integrity or assurance of the accuracy and completeness of data within the BAT has not been compromised. Users can have surety that systems, applications, and data are available to users when they need them. Users will have accessibility and usability upon demand when an authorized entity connects to the BAT.

Incorporating ELK Stack culminates a fourteen-month effort of research and testing in the BAT test environment by the Agile Services Office (ASO) within the Services Management and Operations Divisions of BES.

Presently, 70 programs use the BAT in their software development lifecycle, employing 498 project spaces in the BAT environment.

The BAT offers four components for agile software development: Jira (project workflow management tool); Jira Service Management (service desk services); Confluence, (collaborative workspaces); and BitBucket (source code repository). The plug-ins expand on the base functionality of these components, allowing users to make Microsoft Excel-like tables, run test scripts, or make effortless copies of issues. These functions provide programs with vital capabilities including team and strategy management, cost and schedule monitoring, release planning, and forecasting, which allow teams to maximize developmental efficiency.

The ASO also offers extensive training opportunities in both Agile and the Atlassian Toolset, providing over 20 hours of continuous learning every month. These workshops, ask-me-anything sessions, crosstalk’s, and user forums offer a multitude of opportunities for the BES community.