Capability

Custom Development for Enterprise Systems That Must Work in a Real IT Landscape

RESTART designs, builds and supports enterprise systems where value depends not only on code, but also on architecture, integrations, data, access roles, security, documentation, operations and ongoing evolution after launch.

Hero image for the “Custom development and system integration” page

When Custom Development Is the Right Fit

People come to custom development not because they want to write another system. Typically, a packaged product already covers part of the task, but the business runs into non-standard processes, old integrations, proprietary data, information security requirements, regulations, complex roles, or the need to connect several systems into one manageable environment.

This page is for CIOs, digital transformation directors, internal product owners, managers of ERP, CRM, EDMS, portals, service platforms, analytics and departments that need to launch or modernize a system without losing control.

Why This Is More Than Code

In enterprise development, value is not created by the number of screens or the speed of writing functions. The system must integrate into the existing landscape: ERP, 1C, SAP, CRM, EDMS, BI, DWH, service desk, accounts, access rights, monitoring, logs, support processes and purchasing restrictions.

Therefore, RESTART looks at development as a program of change. We capture the business goal, system boundaries, process owners, data, integrations, security constraints, acceptance criteria, and operational model before the team begins actively writing code. This approach reduces the risk of long-term construction and expensive rework after launch.

What We Build

Internal systems

Workstations, administrative panels, service modules, automation of applications, approvals, reports and operational processes.

Portals and personal accounts

Client, partner and internal portals related to accounting systems, documents, payments, orders, roles and support.

Integration services

API gateways, exchanges between ERP, CRM, EDMS, BI, DWH, 1C, SAP, websites, mobile applications and external services.

AI and data products

Interfaces, server logic and integrations for RAG, Document AI, Service Desk AI, voice scripting, analytics and enterprise assistants.

Modernization of legacy systems

Parsing old code, separating services, transferring business logic, documenting, closing technical debt and gradually replacing outdated components.

Adjustable environments

Systems where it is necessary to take into account Federal Law No. 152-FZ, CII, GIS, logs, access rights, threat model, DevSecOps and production operations requirements.

Key Terms, Plainly Explained

TermDecodingWhat does it mean in the project
APIApplication Programming Interface - software interface for systems interaction.A contract under which systems exchange data, statuses, events and commands.
BackendServer part of the application.Business logic, databases, integrations, queues, query processing and security.
FrontendClient interface.What the user works with: web interface, personal account, admin panel, workplace.
SDLCSoftware Development Life Cycle - software development life cycle.Requirements, design, development, testing, acceptance, launch, maintenance and development.
CI/CDContinuous Integration / Continuous Delivery - continuous integration and delivery of changes.Automated assembly, testing and delivery of changes to agreed loops.
DevOpsAn approach that links development and operations.Environments, builds, monitoring, releases, reliability, maintenance and feedback from operation.
DevSecOpsDevelopment, Security, Operations - development, security and operation in one process.Checking code, dependencies, secrets, containers, access rights and vulnerabilities before release.
MVPMinimum Viable Product - minimum viable product.The first version that tests the value on a real process rather than demonstrating all future features.
UATUser Acceptance Testing - user acceptance.Verification by business users that the system solves the problem and is ready to launch.
SLAService Level Agreement - service level agreement.Expectations for availability, responsiveness, incident resolution and post-launch support.
SSO / IAMSingle Sign-On / Identity and Access Management - single sign-on and access management.Roles, accounts, authorization, access lifecycle and audit of user actions.
ERP / CRM / EDMSManagement of resources, clients and electronic document management.Key corporate systems with which you almost always need to integrate.
BI / DWHBusiness Intelligence / Data Warehouse - analytics and data warehouse.Reporting, showcases, metrics, data quality and management controls.
RAGRetrieval-Augmented Generation - response generation with search through corporate sources.An approach for AI assistants that respond based on documents, knowledge bases and access rights.

How the Project Runs

01

Diagnostics

We analyze the goal, users, current systems, data, owners, information security limitations, risks, integrations and success criteria.

02

Architecture

We design the target scheme: modules, API, data, roles, environments, integrations, logging, monitoring and operation.

03

Prototype or MVP

We test the key hypothesis on a limited but real scenario: users, data, integrations and acceptance criteria.

04

Development

We work in iterations, show the result, manage the task queue, testing, documentation, quality control and architectural decisions.

05

Integrations and security

We connect ERP, 1C, SAP, CRM, EDMS, BI, DWH, SSO/IAM, logs, monitoring, DevSecOps checks and information security requirements.

06

Acceptance and launch

We carry out UAT, prepare instructions, data transfer, release plan, support regulations, control metrics and rollback procedures.

07

Escort

We transfer the system into operation, support releases, incidents, development, quality metrics and technical debt.

Architecture and Integrations

A corporate system rarely lives on its own. It reads data from one system, sends status to another, shows reporting in a third, uses a corporate login, writes logs, passes information security checks and must be understandable to the support team.

environmentWhat we design
DataData model, directories, quality, sources, showcases, archives, migrations and access rights.
IntegrationsAPI, queues, events, files, exchanges with ERP, CRM, EDMS, 1C, SAP, BI, DWH and external services.
UsersRoles, rights, scenarios, interfaces, personal accounts, workplaces and administration.
OperationEnvironments, releases, monitoring, logs, backups, incidents and SLAs.
SafetyAccess model, secret storage, vulnerability control, requirements of Federal Law No. 152-FZ/CII/GIS, DevSecOps and audit of actions.

Engineering Quality and Security

Reliable development is not built on the heroism of individual engineers, but on a clear process. The project must have branching rules, code reviews, automated tests, dependency control, secret protection, logging, acceptance criteria, and release order.

For complex and regulated loops, we link development to DevSecOps practices: SAST, DAST, SCA, container auditing, secrets control, permission analysis, vulnerability management, and log requirements. This is especially important for systems with personal data, CII, GIS, financial transactions, AI scripts and external APIs.

Global Practices and the Russian Regulatory Context

To manage development, we focus on practices that help us not confuse speed with chaos. DORA looks at delivery and operations performance through team capabilities and organizational practices: it is important not just to release more often, but to improve manageability, quality and recovery from failures.

NIST SSDF SP 800-218 provides a common language for secure development: secure software development practices should be built into the development lifecycle to reduce the number of vulnerabilities, their impact, and reasons for recurrence. OWASP ASVS useful as a practical set of requirements for web application security testing, and CIS Controls - as a guide to basic cyber hygiene.

In Russian practice, custom development often lives next to Federal Law No. 152-FZ, CII, GIS, import substitution, FSTEC requirements, procurement procedures, GOST/ESPD/GOST 34 in contract and design documentation. Therefore, we discuss in advance not only the code, but also documents, roles, logs, acceptance, operation and evidence base for reviews.

How AI Supports Engineering

AI does not replace engineering responsibility, but it helps to quickly understand the big loop: old code, documents, requirements, bugs, tests, APIs and team knowledge. This is especially useful in projects where there are dozens of systems and a lot of context that cannot be kept only in people’s heads.

Analysis of legacy systems

AI helps explain old code, find dependencies, prepare module maps, and highlight places where business logic is not documented.

Requirements and documentation

The assistant helps to look for contradictions in technical specifications, protocols, regulations and user scenarios, and prepare draft specifications.

API and tests

AI can speed up the preparation of API contract drafts, test cases, sample requests, documentation, and edge case reviews.

Team support

A corporate AI assistant responds to the project’s knowledge base, helps new participants quickly enter the context and reduces dependence on a single expert.

Security control

AI helps explain the results of code and dependency reviews, but patches, releases, and acceptance are left to the engineers and responsible owners.

Task management

AI helps group duplicates, prepare status summaries, highlight blockers, and associate tasks with requirements, releases, and risks.

Where RESTART Adds Value

RESTART is strong at the intersection of development, system integration, information security, ERP/1C/SAP, data, DevOps and corporate AI. This is important when the system must not operate in a vacuum, but next to the accounting environment, customer channels, internal portals, documents, analytics, operation and security requirements.

We can enter a project as a development team, an integrator, an architectural partner, strengthening an internal team, or an accompanying practice. In any format, the goal is the same: for the customer to receive not a set of source codes, but a system that can be accepted, operated, developed and protected.

Engagement Models

FormatWhen it suitsWhat's the output
Architectural diagnosticsYou need to understand what to build, how to integrate and where the risks are.Systems map, target architecture, risks, team, first stage plan.
MVP or pilotYou need to quickly test the value on one process or group of users.Working prototype, feedback, scaling criteria, development plan.
Design developmentThere is an agreed goal, budget, deadlines and industrial result.System, integration, documentation, tests, acceptance, launch and transfer.
Dedicated teamThe customer has a product line, but lacks engineers or competencies.Development, analytics, testing, DevOps or information security team with a managed flow of tasks.
Modernization of legacy systemsThe old system hinders development, but it cannot be replaced in one step.Decomposition plan, feature migration, stabilization, documentation and technical debt reduction.
Maintenance and developmentThe system is already working, but releases, support, security and development are needed.Support regulations, SLA, change queue, monitoring, documentation and development.

Deliverables

  • map of the current IT landscape: systems, data, integrations, owners, limitations and risks;
  • target architecture: modules, APIs, data, roles, environments, logs, monitoring and operation;
  • API contracts, data model, integration scenarios and source requirements;
  • task queue, release plan, acceptance criteria, UAT scenarios and control metrics;
  • DevOps/DevSecOps environment: builds, tests, checking code, secrets, dependencies and containers;
  • documentation for users, administrators, developers and support services;
  • operational scenarios, regulations, SLA, incident response procedure and development plan.

Development + AI Compute

When RESTART develops an AI product, infrastructure should not appear at the end of the project as a separate issue. We design backend, integrations, data, DevOps, security and compute as a single loop.

This is especially important for RAG, Document AI, Meeting Hub, VoiceHelp, Service Desk AI and enterprise assistants: the quality of the product depends on data sources, processing queues, logs, storage, access roles, monitoring and scaling capabilities.

1C-Bitrix, Portals and Account Areas

When a web solution must be connected with accounting, orders, documents, payments and client data, we connect 1C / Bitrix practice Invent. This helps to build websites, personal accounts, partner portals, online stores and service interfaces as part of the corporate outline, and not a separate storefront.

In such projects, exchanges with 1C and ERP, access rights, personal data, integration with payments and delivery, content management, user support and further development without breaking the current business are especially important.

Frequently asked questions

Is it possible to start without a large technical task?

Yes. It often makes more sense to start with a diagnostic and architectural session: understanding the goal, users, data, integrations, risks and success criteria. After this, the technical specification becomes substantive and not abstract.

How not to get unfinished construction?

It is necessary to limit the first loop, agree on acceptance criteria, conduct development in iterations, show a working result and take into account integration, information security, operation and process owners in advance.

Are you working with legacy systems?

Yes. We start with an examination: where is the business logic, what dependencies, what data, who uses the system and what cannot be broken. Then we propose a step-by-step upgrade rather than a risky one-shot replacement.

Is it possible to strengthen our internal team?

Yes. A project team, dedicated developers, analysts, testers, DevOps, information security experts or a mixed format, where RESTART covers the missing competencies, are possible.

How is safety taken into account?

Security is built into the architecture: roles, SSO/IAM, logs, protection of secrets, verification of code and dependencies, requirements of Federal Law No. 152-FZ/CII/GIS and integration with information security tools.

What does the customer have left after the project?

Source code, repository, documentation, architectural solutions, instructions, test scripts, operational requirements, maintenance regulations and development plan.

Let's discuss your environment

Describe the task, current systems, constraints, and expected results. We will offer a practical first step: diagnostics, pilot, audit, roadmap or project team.

Contact us
AI assistant
Hello! I am an AI assistant at RESTART. I’ll help you find the right section of the site, answer questions about services, licenses, partnerships, contacts, or formulate an appeal to the sales department.