Evolving by Focusing on Time To Value

Andrea Medda Campus of Smithy recently detailed the company's evolution, focusing on dramatically reducing "Time To Value" (TTV) for its open-source project and improving the developer experience. Smithy began as an internal fintech project that orchestrated security tooling such as SCA, SAST, and SBOM generation, and it stood out for being able to run any security tool on-premises through custom integrations. Its original architecture relied heavily on Kubernetes, Tekton, and Kustomize.
Turning this into a sellable product, however, revealed significant challenges. TTV was excessively long: setup was complex and demanded deep technical knowledge, which made rapid evaluation hard. Development productivity suffered because building and deploying integrations was an intricate process. The "Results' Entropy" produced by the differing output formats of the various security tools required extensive development effort for parsing and normalization. Together, these issues led to "slowness and frustration," paralyzing innovation and leaving TTV at an unacceptable level.
To counter this, Smithy aimed to reduce TTV by achieving quicker iterations, faster execution, and simplifying the platform by removing initial Kubernetes/Tekton dependencies. A key step was adopting the Open Cybersecurity Schema Framework (OCSF) to normalize security findings, creating a smarter data lake and enabling "Dogfooding" for internal productivity and early bug detection.
The solution involved creating an SDK to streamline integration development, handling storage, instrumentation, and isolation. Additionally, Smithyctl, a CLI tool, allows local workflow execution with Docker, eliminating complex infrastructure needs and drastically reducing setup time from hours to minutes.
These improvements have significantly impacted Smithy's operations. The time to implement new integrations decreased from weeks to days, and running a workflow to get vulnerability findings now takes mere minutes instead of hours. This has standardized workflow execution, empowered contributors, and laid the groundwork for a sophisticated OCSF-powered data lake. Smithy continues to innovate, planning further integration development enhancements and new data lake features, ultimately aiming to empower security teams to focus on critical tasks.