This Case Shows Specific Expertise. Find the Companies with the Skills Your Project Demands!

You're viewing one of tens of thousands of real cases compiled on Many.dev. Each case demonstrates specific, tangible expertise.

But how do you find the company that possesses the exact skills and experience needed for your project? Forget generic filters!

Our unique AI system allows you to describe your project in your own words and instantly get a list of companies that have already successfully applied that precise expertise in similar projects.

Create a free account to unlock powerful AI-powered search and connect with companies whose expertise directly matches your project's requirements.

Legacy System Modernization for ISO 27001 Compliance and Future-Ready Architecture

instinctools.com

Information technology

Security

Legacy System Challenges and Compliance Requirements

The client's legacy system relied on outdated technologies (SOAP API, Apache Axis2, TomEE 7) that lacked security updates and compatibility with modern frameworks. Urgent ISO 27001:2013 certification requirements and the 2022 ISO standard update necessitated modernization. Internal constraints included resistance to change, lack of outsourcing experience, and strict requirements for European-based partners with security certifications (ISO 27001:2022, ISO 9001:2015) and onsite development capabilities using secure hardware keys.

About the Client

Global software licensing company specializing in secure IT solutions with over 30 years of experience

Modernization Goals

Upgrade backend infrastructure to meet ISO 27001:2013 certification requirements
Replace obsolete Axis2 framework with modern Apache CXF
Migrate from TomEE 7 to TomEE 8 while resolving compatibility issues
Implement Java 11 for enhanced security protocols (TLS 1.3)
Transition to annotation-based authorization for simplified maintenance
Establish knowledge transfer for client team adoption of new technologies
Create a phased migration path toward Spring framework implementation

System Modernization Requirements

Axis2-to-CXF code migration with framework-specific refactoring
TomEE 8 integration with secure configuration
Java 11 runtime environment implementation
Annotation-based authorization service development
Legacy test infrastructure bug detection and resolution
Secure onsite development environment with hardware key access

Technology Stack Requirements

Apache CXF (replacement for Axis2)

TomEE 8 application server

Java 11

Spring Framework (future migration target)

GDPR-compliant security protocols

Integration Requirements

SOAP API compatibility with modern security standards
Legacy license management system interoperability
Client's existing test infrastructure integration

Non-Functional Requirements

ISO 27001:2022 and ISO 9001:2015 compliance
GDPR and European data security regulation adherence
High system availability during phased migration
Secure physical perimeter for development environment
Documentation for future Spring framework transition

Business Impact of Modernization

Successful ISO 27001:2013 certification achieved in November 2022 with roadmap for 2022 standard compliance. Reduced security vulnerabilities through modernized infrastructure. Established foundation for Spring framework adoption by 2025. Enhanced team capabilities through knowledge transfer. Maintained system reliability during phased migration while improving long-term scalability and security posture.