David Vohradsky

David Vohradsky

David Vohradsky





MyRISK: Using the ADB Data Centric Architecture for modern SaaS development

Event: AUSOUG Connect 2023, AUSOUG Connect 2023 Melbourne
Stream: Development

MyRISK® (myrisk.io) is a SaaS Governance, Risk and Compliance (GRC) platform specifically designed for cybersecurity professionals. The typical SaaS product development involves separate choices about a client side / front end product, API mediation, business services layer product, business process management product, data integration product, CI/CD product and identity management product. After identifying APEX from the Gartner Magic Quadrant for Low Code Application Platforms in September 2020, we built a POC as a University project in first half of 2021, and with a year had built our a complete product leveraging the complete ADB development stack. We were an early adopter of many Oracle ABD features which we have integrated with Oracle Application Express (APEX). As well as Oracle Rest Data Services (ORDS) for access to relational data, and Oracle Virtual Private Database (VPD) for multi-tenancy, we use Native Binary JSON documents for complex model storage, Text Data Storage (.PDF, .DOC) for document management of cyber control evidence. We use the Flows for APEX plugin for our workflow-based business functions, and the APEX Vanity URL feature. MyRISK calls Oracle Machine Learning for Python (OML4Py) functions using REST APIs to perform ML/AI functions as well as complex mathematical analysis. We also use pre-built Oracle ML models using Oracle In-Database Machine Learning, including the Oracle Wiki Model for Explicit Semantic Analysis. Our APEX development process and our CI/CD pipeline uses Oracle Visual Builder Studio (VBS) which we have integrated with APEX, PL-SQL and OML4Py. We are now extending our product with Flows For APEX, OML4Py, and PyPGX / Oracle Graph Studio to fully automate cyber security governance processes.