Threat Identification
Assets

The goal was to deploy a mobile security management platform that prevents sophisticated attacks on enterprise networks.

The Challenge

• Scalability: Client’s existing infrastructure struggled to handle the growing demand for mobile app security scanning, resulting in longer scan times and resource constraints during peak periods.
• Security and Compliance: As a provider of security services, the app required a highly secure and compliant platform to handle sensitive customer data and protect intellectual property.
• Efficiency and Performance: Mobile app scanning involves resource-inten­ sive tasks, such as code analysis and vulnerability detection. Our client needed a high-performance infrastructure to streamline scanning processes and deliver accurate results quickly.
• Threat Detection and Response: Efficiently analyzing and processing re­ al-time data to detect and respond to emerging mobile threats was becoming increasingly complex and resource-intensive.
• Disaster Recovery: To ensure business continuity in the event of a disaster or disruption. Our client needed a reliable DR plan to minimize downtime, recover data and services, and resume normal operations swiftly. This included defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) to establish the maximum acceptable downtime and data loss for their application and infrastructure. Implementing a comprehensive DR strategy in AWS was crucial to safeguarding their scanning services and maintaining a high level of availability for their customers.

Technologies Stack

• Java
• React
• My SOL Aurora
• Elastic Search
• Elastic File System

AWS Service Selection

To address their specific challenges and build a robust mobile security platform, A3 has suggested the client to opt for a range of AWS services:

• AWS EKS for managing the containerized application workloads.
• Amazon S3 and Amazon EBS (Elastic Block Store) for secure and scalable storage of large volumes of security-related data.
• Amazon VPC (Virtual Private Cloud) for network isolation, enhancing data privacy and security.
• AWS Lambda for serverless computing, enabling efficient and cost-effective real-time data processing and analysis.
• Amazon CloudWatch for comprehensive monitoring and logging, allowing proactive threat detection and rapid incident response.
• AWS Identity and Access Management (1AM) for stringent access controls to protect sensitive customer data.
• Amazon API GATEWAY to expose APls.
• Elastic Cache for caching frequently accessed data.
• Kafka for real-time data streaming and event-driven processing
• Elastic search for advanced search and analytics capabilities on data.
• AWS Key Management Service (KMS) for secure encryption and management of encryption keys.
• AWS CloudFormation for infrastructure provisioning and management, ensuring consistency and ease of deployment.
• Amazon Aurora DB for storing metadata and scan information, providing fast and reliable access to scan results.
• Disaster Recovery implementation to recover and restore IT systems, applications, and data in the event of a natural or man-made disaster. RTO and RPO to determine the recovery capabilities and objectives of the system during a disaster, it will help in making informed decisions regarding the DR strategies and investments.

AWS Architecture And Implementation

Established a collaboration between the client and our internal AWS Solutions Architects to design and implement a highly secure and scalable architecture.

The migration and implementation involved the following steps:

• Migrated their existing infrastructure to AWS, carefully ensuring data integrity and minimal downtime.
• Utilized Amazon VPC to isolate sensitive customer data, creating secure subnets and applying network access controls.
• Leveraged AWS Lambda for serverless data processing, optimizing resource utilization and reducing operational overhead.
• Mobile app binaries are stored in Amazon S3 buckets, ensuring secure storage and easy access for scanning processes.
• AWS 1AM controls are implemented to ensure proper access management for secure data handling and scanning processes.
• Set up Amazon CloudWatch alarms and dashboards to monitor application performance and detect unusual activity indicative of potential threats.

Migration & Deployment

The migration to AWS was carefully planned and executed to minimize any disruption to apps services and customers. Our development and AWS team worked collaboratively to:

• Conduct thorough testing and validation of the new AWS infrastructure before directing live traffic.
• Utilize AWS CloudFormation to create infrastructure templates for quick and consistent deployments.
• Train client’s technical teams to effectively manage and monitor the new AWS environment.