platformOS

• 3rd Party Penetration   tests • Web Application Firewall • Secure session   management • Password hashing • Credentials encryption • Scale horizontally &   vertically • 100% Lighthouse speed • Servers running 24/7 • We handle infrastructure • Using multiple data   centers • Any 3rd party API • Front-end agnostic • Your authentication  policies • Create your database • Build with Websockets • 0 downtime • Auto-scaling • Auto-healing • Regular upgrades • Automated backups
• 3rd Party Penetration   tests • Web Application Firewall • Secure session   management • Password hashing • Credentials encryption • Scale horizontally &   vertically • 100% Lighthouse speed • Servers running 24/7 • We handle infrastructure • Using multiple data   centers • Any 3rd party API • Front-end agnostic • Your authentication  policies • Create your database • Build with Websockets • 0 downtime • Auto-scaling • Auto-healing • Regular upgrades • Automated backups

Use cases

Can platformOS be used to build a complex Application?

Yes, platformOS hosts all types of applications, but we excel in complex web applications. You can build simple landing pages, through advanced many-to-many eCommerce / Community / Service marketplaces for government and banking, up to advanced SaaS products.

What is the difference in the size of the team working on a platformOS Application compared to custom development of the same application?

Since platformOS provides automated DevOps out of the box, you do not need as many senior backend developers as in the typical team, because the infrastructure is already configured and accessible via GraphQL.Most importantly, you require absolutely zero expensive DevOps engineers.

Can platformOS be used for Single Page Applications (SPA)?

Yes, platformOS provides all the necessary tools to build SPA. On platformOS you can use any frontend framework you like, like React, Angular, Vue, etc., and leverage GraphQL to build and run your backend API.

Can platformOS be used for mobile app development?

Yes, on platformOS you can build backend API that will be consumed by any client - browser, mobile applications. To allow you to build a great and secure experience for your customers, we support service workers, WebSockets, JWT, OAuth.

Can platformOS integrate with our existing systems?

Yes, the power of platformOS is its flexibility. We achieved it by allowing you to send Api Calls over HTTP(s) using GraphQL. You have full control of the request’s payload and headers. Most importantly, you can process the response and implement the logic depending on the result - which might be saving something to the database, triggering another Api Call etc.

What technologies do platformOS support?

For the FrontEnd, you can use any technology you like - you own the build process of the assets, so you can use any preprocessors and postprocessors for CSS and JS, any framework like React, Angular, Vue, etc..

For the server side, we have implemented GraphQL queries and mutations that allow you to integrate with every infrastructure component. As a server-side glue code for full flexibility, you can leverage Liquid

Development resources

I don’t have my own Development Team at the moment. Can I still use platformOS?

We have internal development teams who specialize in delivering high-quality MVPs to set you up for success. We can start working on your unique business rules from day 1, because the secure and scalable infrastructure is already in place. By choosing us you don’t have to be afraid of MVP success - we will be able to handle large increases in traffic and amount of data.

Will I be able to bring up my own Development Team?

Absolutely. At any point, you can get full access to the code and will be able to leverage the full power of the platform we have built.

How long does it take to onboard a Developer to be able to effectively use platformOS?

By leveraging GraphQL as a way to communicate with the infrastructure and using Liquid to write glue code, the cognitive load for a new developer is greatly reduced compared to an equivalent system that is custom-built. Thanks to our interactive onboarding and award-winning documentation, we are confident that we can teach even junior developers how to work with platformOS code and deploy it within hours. Typically it would take a few weeks for a junior developer to become properly productive - this depends on the complexity of the application itself and the developer.

Developing software

What skills a successful platformOS Developer should have?

Our main goal in platformOS is to reduce cognitive load for developers as much as possible. We have done it by using GraphQL and Liquid as an abstraction layer for the hard parts of backend programming - DevOps, SecOps, Database Management, Session Management, etc.  Developers working on platformOS have to focus on implementing business logic, meaning a successful developer would have strong problem-solving skills. GraphQL and Liquid were designed to be easy to use and learn and are successfully used by big players like Facebook, Shopify, Microsoft, and IBM.

On top of that, we have created tools like pos-cli, platformos-check to make it easy even for junior developers to build advanced applications using platformOS successfully.

Why have you chosen Liquid for server-side code execution?

The main reason is security - Liquid operates within a sandbox-like environment, ensuring that only explicitly allowed operations are executed. Unlike many programming languages such as Python, PHP, and Java, Liquid is tailored for enhanced security. It's a great fit for us, because it allows us to provide multi-tenant environments, enabling each customer to access code without risking unauthorized data access from other tenants.

Can I access GraphQL directly?

Yes, our GUI available via pos-cli is making use of that. By default it would require the developer’s token, however in one minute, one can create a custom endpoint that would invoke GraphQL provided as a parameter, and add any authentication and authorization to it as needed.

Can I write custom SQL?

At this stage we do not allow accessing the database directly - one needs to use GraphQL to perform DB operations. There are multiple reasons for this, the most important ones are that we can optimize indexes/queries behind the scenes and that each of the environments is multi-tenant by default.

How does platformOS make my application secure?

There are many secure defaults, which protect developers from introducing vulnerabilities to the application powered by platformOS. To name a few:

  • All variables are by default escaped, preventing various types of XSS Attack
  • User built-in model handles industry best practices like hashing the password with a one-way hashing function before persisting it, provides a secure implementation for authentication either by email/password, JWT, including 2FA support etc.
  • A new session is created when a user logs in, preventing all kinds of session fixation attacks
  • Each POST endpoint requires CSRF Token to prevent a potential Cross-Site Request Forgery attack.
  • Due to the usage of GraphQL, an application powered by platformOS is not vulnerable to SQL Injection attacks, because developers do not write SQLs, and we ensure with static analysis tools that implementation of the graphql mutations/query does not make it possible to perform SQL injection.
Can I use my own AWS/Azure/Google Cloud account for platformOS?

Yes, we claim that we are provider agnostic, and platformOS Stack can be hosted on any infrastructure provider. Contact us to discuss details.

Can platformOS run on-prem?

Yes, contact us to discuss details.

Have more questions?

Request a demo