AI-Powered Application Penetration Testing—Scale Security Without Compromise Learn More

bishopfox-logo-grey
Get Started
Cosmos Series Part 3: The Importance of Automation

Cosmos Series Part 3: The Importance of Automation

By:

Share

This is Part 3 of a four-part blog series sharing learnings from our journey to optimize the people, processes, and technology powering the platform for our Bishop Fox Managed Services. Watch this video to learn how Cosmos combines attack surface technology and expert testing to deliver continuous threat exposure management while reducing the burden on security teams.

Part 3: The Importance of Automation

In earlier blog posts, I covered how the core architectural principles of the Cosmos platform and how we’ve redefined work with our product and engineering teams. Today, I will highlight how our engineering group is continuously improving our processes and infrastructure. Our transformation from manual processes to automated excellence has revolutionized how we build and deploy security capabilities.

In 2023, our processes for monitoring, releasing, and managing the Cosmos platform were largely manual. Since then, we’ve transitioned to highly automated integration and deployment processes, and changed how our teams write code for the platform.

We have quickly adopted high levels of automation for building and deploying code. We standardized our code repositories with common templates which made it easier to automate the creation of new code repositories. We also heavily leveraged repository automation for pull requests, branch mergers, and deployments. These automations have brought about significant improvements, such as the ability to build and demonstrate a new testing framework in under a week.

Writing code has changed as well. As all our infrastructure is code, writing code has simplified. Only code from our repositories makes its way into any environment, including the definition and processes themselves. With the entirety (environment and platform) generating itself from our code repositories, local development, disaster recovery, scaling, and all the other ‘running a platform’ processes become simpler and consistent. For example, adding a new, usable testing framework can take a few days. Monitoring and auditing don’t require third parties to mash and munge logs. And, of course, any change can be immediately reversed if found to be problematic. Thanks to these changes and architectural improvements, our deployment velocity has increased significantly, while the consistency and predictability in our deliverables increased.

Automation changes how our engineering and product teams approach their work on Cosmos, improving their ability to deliver new features and capabilities quickly. In my next blog, Results-Oriented Critical Thinking, we will review how we’re further supporting our teams’ velocity by changing where we start solving a problem.

By Aaron Symanski

Chief Technology Officer

Aaron Symanski is a technology executive and Bishop Fox alumnus with extensive experience across leadership roles in technology and innovation. He currently serves as CTO and Senior Vice President at Carrick Capital Partners, a position he has held since April 2021, and sits on the boards of Renalogic, Blackwell Captive Solutions, and Kalderos.

Prior to his current roles, Aaron served as Chief Technology Officer at Bishop Fox. He has also held executive positions at Camden Passage Association, Stats Perform, and Discovery Health Partners, where he advised technology strategy through a major acquisition. As Chief Executive Officer at Infinia ML, he led the company through its acquisition by Aspirion.

More by Aaron Symanski

Subscribe to our blog

Be first to learn about latest tools, advisories, and findings.

Recommended Posts

You might be interested in these related posts.

Product Blog

Most Security Programs Test a Fraction of Their Applications. That Changes Today.

Most Security Programs Test a Fraction of Their Applications. That Changes Today.
Bishop Fox's Rob Ragan explores how Cosmos AI transforms application security testing from a logistical bottleneck into a scalable service—enabling organizations to test entire portfolios.
Read Post
Product Blog

Cosmos Series Part 4: Results-Oriented Critical Thinking

Cosmos Series Part 4: Results-Oriented Critical Thinking
Explore how Bishop Fox integrates critical thinking into Cosmos development to enhance scalability, flexibility, and velocity. By focusing on outcomes and adopting structured analytical processes, we’ve avoided design pitfalls and empowered our teams to deliver impactful solutions.
Read Post
Product Blog

Cosmos Series Part 2: Outcome-driven for Features and Capabilities

Cosmos Series Part 2: Outcome-driven for Features and Capabilities
This post explores how Bishop Fox transitioned to an outcome-driven approach for Cosmos development, streamlining processes with success criteria, continuous roadmapping, and data-driven prioritization to deliver more impactful customer solutions.
Read Post

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.