Unlocking Developer Productivity through DevSecOps Innovation


8th Light Pfizer Feature Medium

Helping Pfizer apply next-generation DevSecOps principles to the business of saving lives.

One of the world’s premier pharmaceutical and biotechnology companies, New York-based Pfizer is a household name. Since its founding in 1849, the company has developed and produced countless medicines and vaccines for immunology, oncology, cardiology, endocrinology, and neurology, including several products that each generate more than US$1 billion in annual revenues. Needless to say, Pfizer is in a complex and demanding business, and its people and processes must meet or exceed rigorous standards. That’s why Pfizer turned to us.

8th Light Pfizer Doctor

Collaboration, iteration, and implementation at the speed of change.

It goes without saying that the devastating COVID-19 pandemic changed a great many things for a great many people. But for Pfizer, the unprecedented speed of its response to the need for a vaccine revealed the very real need to move faster, and create systems that would empower change.

It's a partnership and you know that from day one. They really care and want you to succeed.

Vincent Ryan
Senior Manager, Solution Delivery Lead

Working across more than 20 disparate teams, 8th Light’s teams helped Pfizer establish a DevSecOps foundation that empowers them to collaborate confidently at scale. Our team members took inventory of what they found while collaborating on systems with varying levels of software expertise, different regulatory constraints, and a wide variety of development practices. And our team created a reliable and repeatable playbook that puts all of those teams rowing in the same strategic direction.

Pfizer Deployment Pipeline

We helped migrate source code from a manual deployment to an automated and planned CI/CD pipeline, and we trained teams on modern branching and collaboration strategies. The result is a more methodical, deliberate, observable, secure, asynchronous, and reliable deployment pipeline.

Our strategy contained a new version control plan that empowers frequent, immediate feedback and global collaboration. We configured CI/CD pipelines and automated cloud services tasks to streamline movement of code between environments, reduce the time from solution to production, and reduce operational expenses while making processes more predictable. A uniform secret management plan greatly tightened security for teams who were previously unfamiliar with the tools and techniques; and dedicated servers and role management strategies have streamlined network access, creating additional layers of security across the full corporate network.

8th Light Pfizer Science

Bringing Reliability to the Future.

DevSecOps is the type of work that’s never truly finished, and we’ve also helped kickstart a new initiative that will model these best practices with a knowledge management application that’s highly visible and a common source of frustration for teams and researchers alike.

Pfizer Architecture

We helped Pfizer's team identify opportunities to evolve their security posture, and migrate more than 20 teams to a new code hosting solution. Throughout the effort, we developed a suite of automated tools that create a more rigorous, reliable, and secure deployment flow. 

The new architecture was designed specifically to accommodate the legacy system, enabling a smooth transition for the technology, as well as the staff. We developed these new tools alongside Pfizer's team, mentoring their developers on the languages and tools while empowering them to craft their new environment.

We also helped the team work better together. We facilitated a hands-on workshop on modern collaboration and version control strategies, helping the teams adopt a shared language for seamless collaboration. When the DevSecOps team was ready to expand, we mentored two new team members.