BlackBerry Work Term Write-Up

BlackBerry was the first professional work experience in the technology industry that I had.

Beginnings

Truth be told, I went into my BlackBerry co-op term thinking that they still made phones, cellular devices, etc. I was VERY wrong. I entered an entirely new era of BlackBerry, the cybersecurity era.

At the time I joined, BlackBerry's major revenue-generating products were their mobile device management solutions, their cybersecurity solutions, and their QNX suite of products. My team worked directly with mobile device management.

My First Project

My first project's scope was straightforward: BlackBerry has a lot of mobile device management central servers scattered across the globe, and these servers track information about MDM deployments in those regions. We want a way to periodically perform status checks on all of those endpoints at once.

After being onboarded, understanding development practices at BlackBerry, and getting guidance from my mentors, I was able to create a fully fledged solution and release it to production. I created a Python/Postgres service that periodically connects to these MDM endpoints securely (encrypted), gathers data, stores it in Postgres, and triggers email/SMS-based alerts if issues or discrepancies are found.

Machine Learning? Uhh..

Shortly after wrapping up my first project, one of the senior developers on the team approached me with an idea. He gave me the rundown of the problem:

  • BlackBerry is looking to pass an upcoming SOC-2 audit. SOC-2 certification is a voluntary certification that shows that a company stores and accesses data correctly, without unforeseen events.
  • BlackBerry servers raise file integrity alerts (like most other companies) when there are unwarranted changes to files or system services.
  • When these alerts are raised, the security and compliance teams compile them into a spreadsheet and manually try to determine the cause of each alert.
  • Looking through causes that the security team has identified in the past, all file integrity alerts seem to fit into a few (<10) categories.
  • We have a lot of data... (past spreadsheets from the security team!)

Taking this information into consideration, his proposal for me was this: attempt to create a basic TensorFlow model based on the existing data from the security team to try to predetermine causes for file integrity alerts, such that manual correlations are minimized. Then, create some sort of interface (CLI, web, whatever) that can be used by the security/compliance team to output a possible cause, given an input alert.

I took this project head-on and ran with it. I was able to standardize all the data from security/compliance and train a basic TensorFlow model with it, and I served it with a Flask server alongside TensorFlow Model Server. I even built a front-end interface using HTML, CSS, and PHP.

Looking back, I can see hundreds of ways I could've improved on this design, but this was the first time that I designed, developed, tested, and deployed an entire service from scratch, and it's something that I'll remain proud of indefinitely.