BMC Case Studies Global Health Service Company

Edit This Case Study Record

	Global Health Service Company BMC

Global Health Service Company

BMC

Technology Category	Application Infrastructure & Middleware - API Integration & Management Application Infrastructure & Middleware - Data Exchange & Integration
Applicable Industries	Healthcare & Hospitals
Applicable Functions	Business Operation
Use Cases	Cybersecurity Infrastructure Inspection
Services	Software Design & Engineering Services System Integration
Challenge	The Global Health Service Company (GHSC) was managing an enterprise-wide DevOps initiative that included mainframe applications teams. The company wanted to execute COBOL source code security and syntax checking for every mainframe product release from its claims processing team. The company performs security and code syntax scans on their distributed and mobile apps and needed to duplicate that process for the mainframe teams. The company also needed the ability to manage mainframe and distributed code releases in a similar manner. This would provide quick feedback of issues to development and give management a common dashboard (SonarQube) for analyzing application code quality. These scans are critical for Continuous Integration practices for the enterprise DevOps effort. Read More
About Customer	The customer is a Global Health Service Company (GHSC) that manages an enterprise-wide DevOps initiative, including mainframe applications teams. The company has a mission-critical claims processing application that is large and comprises COBOL, batch, IMS/DB/DC, and Db2. The company performs security and code syntax scans on their distributed and mobile apps and wanted to duplicate that process for the mainframe teams. They also wanted to manage mainframe and distributed code releases in a similar manner to provide quick feedback of issues to development and give management a common dashboard for analyzing application code quality. Read More
Solution	The mission-critical claims processing application is large, comprising COBOL, batch, IMS/DB/DC and Db2. During a Topaz POC in early 2017, Compuware demonstrated to the GHSC team how a Jenkins plugin can extract released COBOL source from the application to a SonarQube server for security scanning with HP Fortify and syntax scanning with the SonarQube for COBOL plugin. A DevOps specialist and a consultant from the GHSC worked with Compuware Product Manager Steve Kansa and Field Technical Support representative Andy Jepeal to implement the Compuware Source Code Download plugin along with the Topaz CLI on the Jenkins server where the SonarQube and HP Fortify scans are executed and reported to a SonarQube dashboard. Steve assisted in the development of the Jenkins pipeline scripts necessary to perform these extracts. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - API Integration & Management

Application Infrastructure & Middleware - Data Exchange & Integration

Applicable Industries

Healthcare & Hospitals

Applicable Functions

Business Operation

Use Cases

Cybersecurity

Infrastructure Inspection

Services

Software Design & Engineering Services

System Integration

Challenge

The Global Health Service Company (GHSC) was managing an enterprise-wide DevOps initiative that included mainframe applications teams. The company wanted to execute COBOL source code security and syntax checking for every mainframe product release from its claims processing team. The company performs security and code syntax scans on their distributed and mobile apps and needed to duplicate that process for the mainframe teams. The company also needed the ability to manage mainframe and distributed code releases in a similar manner. This would provide quick feedback of issues to development and give management a common dashboard (SonarQube) for analyzing application code quality. These scans are critical for Continuous Integration practices for the enterprise DevOps effort.

About Customer

The customer is a Global Health Service Company (GHSC) that manages an enterprise-wide DevOps initiative, including mainframe applications teams. The company has a mission-critical claims processing application that is large and comprises COBOL, batch, IMS/DB/DC, and Db2. The company performs security and code syntax scans on their distributed and mobile apps and wanted to duplicate that process for the mainframe teams. They also wanted to manage mainframe and distributed code releases in a similar manner to provide quick feedback of issues to development and give management a common dashboard for analyzing application code quality.

Solution

The mission-critical claims processing application is large, comprising COBOL, batch, IMS/DB/DC and Db2. During a Topaz POC in early 2017, Compuware demonstrated to the GHSC team how a Jenkins plugin can extract released COBOL source from the application to a SonarQube server for security scanning with HP Fortify and syntax scanning with the SonarQube for COBOL plugin. A DevOps specialist and a consultant from the GHSC worked with Compuware Product Manager Steve Kansa and Field Technical Support representative Andy Jepeal to implement the Compuware Source Code Download plugin along with the Topaz CLI on the Jenkins server where the SonarQube and HP Fortify scans are executed and reported to a SonarQube dashboard. Steve assisted in the development of the Jenkins pipeline scripts necessary to perform these extracts.

Impact #1	As COBOL code changes are checked into the Endevor QA level for the application, a Jenkins pipeline is executed. This pipeline downloads any program that has been changed and performs the HP Fortify and SonarQube code scans.
Impact #2	Developers and managers know the next day if there are any issues and can take appropriate actions. Code below quality standards is automatically prevented from moving into QA or higher.
Impact #3	The claims processing team is now integrated into the DevOps Continuous Integration practices at this GHSC.

Impact #1

As COBOL code changes are checked into the Endevor QA level for the application, a Jenkins pipeline is executed. This pipeline downloads any program that has been changed and performs the HP Fortify and SonarQube code scans.

Impact #2

Developers and managers know the next day if there are any issues and can take appropriate actions. Code below quality standards is automatically prevented from moving into QA or higher.

Impact #3

The claims processing team is now integrated into the DevOps Continuous Integration practices at this GHSC.

Benefit #1	Improved code quality through automated security and syntax checking.
Benefit #2	Reduced time to identify and resolve issues due to immediate feedback.
Benefit #3	Increased efficiency by integrating the claims processing team into the DevOps Continuous Integration practices.

Benefit #1

Improved code quality through automated security and syntax checking.

Benefit #2

Reduced time to identify and resolve issues due to immediate feedback.

Benefit #3

Increased efficiency by integrating the claims processing team into the DevOps Continuous Integration practices.

Download PDF Version

Overview

Global Health Service Company

Operational Impact

Quantitative Benefit