AMBER LABS LIMITED

DevSecOps Engineering

The DevSecOps Engineering Service provides a full project delivery of Automation Pipeline development & deployment, itself delivered via code.

The implementation of CICD functionality enables blue/green/canary release patterns with rapid iterative and safe deployments.

Features

• DevSecOps Service delivered to meet specific business objectives
• Automated code testing, integration, deployment and rollback
• Continuous Integration, Continuous Deployment/Deployment
• Binary & Code security scanning
• Automated CIS/NCSC/etc. OS security hardening
• Small batch-work focus - faster iterations of deployment
• Continuous identification of constraints to improve flow
• On-success code promotion
• Automated rollback upon error detection
• Blue/Green or Canary deployments

Benefits

• Reduced operational costs
• Controlled platform expenditure
• Secure, reusable and consistent cloud deployment using CICD
• Automated code & binary file scanning
• Improve cloud security posture
• Compute capabilities automatically governed by policy to avoid mis-use/right-size deployment
• Removing impediments in the Software Development Lifecycle (SDLC)
• Loosely coupled architectures to enable safe continuous integration
• Psychological safety = Improved innovation
• Agile-based approach delivery focusing on delivering value

£376 to £1,696 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@amberlabs.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

168142800895438

Contact

James Bennett
07852109808
sales@amberlabs.io

Planning

• Planning service: Yes
• How the planning service works: Our DevSecOps Engineering solutions will vary depending on the specific needs of the buyer and can address immediate demands as well accommodating future workloads.; ; Planning will consist of understanding the business objectives and strategies required of the service. ; ; Planning will incorporate whether the DevSecOps Engineering solution is part of a greenfield or existing implementation. As such, planning will establish the process of enabling DevSecOps components.; ; Highlighting any additional procurement will be done early to accommodate procurement processes and lead times that impact planning.; ; Finally a clear priority process for the projects and capabilities being enabled on the service will feed into planning, so resources can be allocated appropriately and dependencies managed, in order to ensure that the implemented DevSecOps & CICD services deliver value.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Microsoft Azure DevOps
  • AWS CodeCommit, CodeBuild, CodeDeploy, CodePipeline
  • Jenkins, Octopus Deploy, CircleCI, GitLab, Bamboo

Training

• Training service provided: Yes
• How the training service works: We have dedicated engineers that have experience training and explaining all types of software and tooling. We can provide one-to-one training and support as well as more formal classroom-based training if required. Our classroom training courses are tailored to your needs and conducted online.; ; A core facet of our DevSecOps Engineering teams is empowering the business with ongoing knowledge transfer, we can support and train in subject areas such as Repository management, CICD design and operation, Release Management strategies and implementation, as well as the minutiae of the technologies underpinning the cultural implementation of DevSecOps. ; ; A non-exhaustive list of technologies we can provide training and support with includes Azure DevOps, Jenkins, Octopus Deploy, CircleCI, GitHub, GitLab and BitBucket. Along with Terraform, Ansible, terraform-docs, Open Policy Agent, etc.
• Training is tied to specific services: Yes
• Services the training service works with:
  • Azure DevOps
  • Jenkins
  • Octopus Deploy
  • CircleCI
  • GitHub
  • GitLab
  • Terraform
  • Ansible
  • BitBucket

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: The DevSecOps Engineering service will help organisations improve the delivery cadence from idea to functional solution by utilising our wealth of capabilities and expertise in DevSecOps, empowering teams with our consistent (on-demand) environment creation with POLP security, and customer focus with our innate need to automate away any tasks that occur more than once and remove impediments from the SDLC and increase developer productivity.; ; We champion fast feed-forward and back, the use of telemetry, and observability to improve the reliability and availability of systems delivered through our DevSecOps CICD service.; ; Migration & transformation fits into the following options:; 1. Re-platform - automated deployment of existing services with small modifications, optimising for immutable infrastructure.; 2. Refactor - optimise the solution and adopt cloud-native best practices to services e.g. microservices/containerisation; 3. Re-invent - completely blank canvas of new architecture and design, expanding on cloud-native practices with Serverless functionality; ; DevSecOps is a culture and approach, rather than a selection of tooling.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Microsoft Azure
  • Amazon Web Services
  • Google Cloud Platform

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Quality assurance is at the heart of the Amber Labs ethos. All of our engineers have experience in automating unit, integration, and end-to-end testing and are experienced in assessing existing service and software performance, providing alternatives and code refinement where performance and quality can be improved.; ; Security of services will be tested to ensure encryption and principles of least privilege are applied to data storage/management components and computing.; ; Governance processes will be tested to ensure that policies have been implemented correctly so that users cannot create compute beyond their needs and to ensure the compute is terminated when idle according to design.; Integration testing will be performed on tools, and technologies that will access services, along with regression tests will be performed to ensure that new capabilities do not negatively impact as it moves forward.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security audit services

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Our DevSecOps service can provide support and ongoing maintenance for the resultant platforms and associated functions. The service includes access to 24/7 technical support, active monitoring, and continuous improvements to your cloud platform.

Service scope

• Service constraints: The DevSecOps Service does not have any constraints.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on the level of service required, we can provide varying response times up to 24*7 365 Days per year support with 30 minute response times. It is recommended that the Service Level Agreement appropriate for your needs be assessed and agreed during the Project Implementation phase.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Our Web Chat Tool has been thoroughly tested with a range of Assistive Technology users.
• Support levels: We can provide a range of custom support levels ranging from short periods of dedicated support time per day up to 24*7 365 Days per year. The level of support required will depend on the Solutions being implemented. The precise level of support required will be defined during the project costing phase. Support Costs will be based on the Service Management Rates detailed in our rate card.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Amber Labs, we are deeply committed to effective stewardship of the environment, aligning with our mission to fight climate change. Our predominantly remote and paperless way of working not only enhances efficiency but also significantly reduces our carbon footprint. By minimising the need for commuting and embracing digital solutions, we actively contribute to lowering greenhouse gas emissions, working towards our goal of achieving net zero emissions. Additionally, our company employees benefit from an electric vehicle scheme, further promoting sustainable transportation practices. Through our contracts, we harness our influence to instil environmental consciousness among staff, suppliers, customers, and communities, fostering a culture of protection and improvement to address the urgent challenges posed by climate change.

  Covid-19 recovery

  At Amber Labs, we prioritise a predominantly remote work setup, unless specifically requested by our clients. This approach not only grants our team greater flexibility but also serves as a proactive measure to mitigate health risks, including those associated with Covid-19. This adaptability not only benefits our valued staff but also aligns with the evolving needs of our clients, many of whom have yet to fully transition back to pre-pandemic office setups.; ; We create employment through our apprenticeship program. This scheme empowers young people from all backgrounds across the country to build meaningful careers in technology, by providing skill-building and employment pathways. Through our program, we not only bridge the digital and geographic divide but also cultivate a diverse and skilled workforce that drives innovation and social progress. ; ; In addition to our apprenticeship scheme, we're deeply committed to fostering employment opportunities through our graduate program. Geared towards technology graduates, this program is designed to pave the way for fulfilling careers in consulting, with a specialised focus on bolstering AI skills. We firmly believe that investing in such high-growth sectors equips individuals with the tools needed for remarkable success.; ; Furthermore, in recognition of the ongoing challenges posed by Covid-19 and other long-term health conditions, Amber Labs is dedicated to supporting affected employees through tailored accommodations. From flexible work hours to remote work options, and even adjustments in job responsibilities, we strive to create an inclusive and supportive environment where every team member can thrive.

  Tackling economic inequality

  At Amber Labs, we're committed to fostering economic inclusivity through our apprenticeship and graduate programs. Our apprenticeship scheme is designed to empower individuals from diverse backgrounds, providing skill-building opportunities and employment pathways in the technology sector. On the other hand, our graduate program specifically targets graduates in technology disciplines, equipping them with the expertise needed to thrive in high-growth industries like AI. In addition to these programs, Amber Labs initiates partnerships with inner-city schools to introduce students to technology careers, providing insights and connections with industry professionals and enhancing awareness of emerging technologies like AI from a young age.; ; Furthermore, Amber Labs proudly boasts a geographically diverse workforce drawn from all regions across the UK. By offering market-leading salaries, hybrid and flexible working arrangements, we demonstrate our commitment to creating an inclusive environment where everyone has the opportunity to succeed, regardless of their location or background.; ; In recognition of the economic challenges faced by many, such as the ongoing repercussions of Covid-19, Amber Labs is dedicated to providing support and accommodations. Whether through flexible work arrangements, remote work options, or tailored leave policies, we aim to ensure that individuals facing economic adversity have the opportunity to thrive in the workplace.; ; As an SME, we take pride in our continuous commitment to enhancing supply chain resilience and capacity.; ; Embracing innovation, including disruptive technologies like AI, we drive efficiencies and deliver higher quality goods and services, while also supporting the development of scalable and future-proofed methods within the supply chain. Cybersecurity is paramount, and we take proactive measures to identify and manage risks throughout the delivery process, including training for all our new consultants.

  Equal opportunity

  At Amber Labs, we are dedicated to reducing the disability employment gap and fostering equal opportunities within our workforce. Through our commitment to diversity and inclusion, we take proactive measures to increase the representation of disabled individuals in our contract workforce. Our interview processes are predominantly conducted remotely, ensuring accessibility and inclusivity from the outset. Additionally, we provide comprehensive support for disabled employees, including adaptations for remote working and accessible facilities, ensuring that they have the tools and resources needed to thrive in their roles.; ; Furthermore, we prioritise tackling workforce inequality through our performance management framework, which identifies areas for training and development for all employees. This framework ensures that individuals, including those from disadvantaged or minority groups, have access to opportunities for in-work progression and skills development relevant to our contracts. We use the information from this framework, and our knowledge on industry trends and client needs, to invest in continuous training for our consultants to ensure they remain up-to-date; this is funded internally to guarantee that our employees receive the necessary support to excel in their careers. Through these initiatives, we are committed to fostering an inclusive and equitable work environment where everyone has the opportunity to succeed.

  Wellbeing

  At Amber Labs, we prioritise the health and wellbeing of our workforce by taking proactive measures and fostering a supportive environment. We offer private medical insurance to all our employees once they have passed probation. Through initiatives like Perkbox, consultants have access to free mental health and physical health resources, along with discounts for gym memberships. Additionally, we advertise an HR inbox and provide a designated point of contact for those who wish to discuss mental health concerns, supplementing the line management chain for additional support and accessibility.

Pricing

• Price: £376 to £1,696 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@amberlabs.io. Tell them what format you need. It will help if you say what assistive technology you use.