Delivering a secure, modern, and reliable web app

The story

Pending AI is an early-stage company that develops artificial intelligence and quantum mechanics based solutions for scientists in the pharmaceutical industry to design, make, test and analyse new drugs.

The challenge

Pending AI recognised the need for a secure web app with an improved UI for its innovative Retrosynthesis Engine. Pending AI employs back-end engineers and scientists, so they decided to outsource the front end project to a trusted local agency. 

We were engaged to rebuild the front- end of the Retrosynthesis Engine web app, including the following components:

• Main page – synthesis projects and project history, with an easy link to set up a new project.
• Results page – project results with the synthetic routes and the individual synthesis steps displayed in either a table or as a tree.
• Draw a target page – a dynamic and interactive drawing page enabling users to sketch substances for analysis.
• All pages – breadcrumbs enabling users to navigate between pages seamlessly.
• Account management system – integrated a third-party service to provide industry standard authentication including user login, registration and admin access.
• Robust continuous integration – following cybersecurity best practices, Pending AI provided us with robust protocol for continuous integration that was then implemented by us.

We prioritised security and usability during the web app development process in order to facilitate Pending AI obtaining ISO27001 certification and build a robust information security system. Key considerations include:

• Transforming the existing user interface into a static web application. By rebuilding the web app to run completely in the browser, we minimised the attack service.
• Implementing standard third-party authentication to enhance security.
• Setting up security vulnerability scanning based on a dynamically generated Software Bill of Materials (SBOM)