Threat Identification
Assets

Discover how A3Logics helped a client improve their
mobile app scanning services, enhancing efficiency
and accuracy for users.

Overview

A mobile application security company that offers comprehensive scanning and analysis services to protect mobile apps from cyber threats. As the mobile app market continues to grow rapidly, the need for robust security measures becomes increasingly critical.

Our client faced challenges in efficiently and effectively scanning large numbers of mobile apps for vulnerabilities and security risks. Seeking a scalable, secure, and automated solution, A3 has suggested to leverage AWS to enhance their client's mobile app scanning ser­ vices.

overview image
Drop Us A Line
The Goal

The goal was to deploy a mobile security management platform that prevents sophisticated attacks on enterprise networks.

The Challenge
  • Scalability: Client's existing infrastructure struggled to handle the growing demand for mobile app security scanning, resulting in longer scan times and resource constraints during peak periods.
  • Security and Compliance: As a provider of security services, the app required a highly secure and compliant platform to handle sensitive customer data and protect intellectual property.
  • Efficiency and Performance: Mobile app scanning involves resource-inten­ sive tasks, such as code analysis and vulnerability detection. Our client needed a high-performance infrastructure to streamline scanning processes and deliver accurate results quickly.
  • Threat Detection and Response: Efficiently analyzing and processing re­ al-time data to detect and respond to emerging mobile threats was becoming increasingly complex and resource-intensive.
  • Disaster Recovery: To ensure business continuity in the event of a disaster or disruption. Our client needed a reliable DR plan to minimize downtime, recover data and services, and resume normal operations swiftly. This included defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) to establish the maximum acceptable downtime and data loss for their application and infrastructure. Implementing a comprehensive DR strategy in AWS was crucial to safeguarding their scanning services and maintaining a high level of availability for their customers.
Technologies Stack
  • Java
  • React
  • My SOL Aurora
  • Elastic Search
  • Elastic File System
AWS Service Selection

To address their specific challenges and build a robust mobile security platform, A3 has suggested the client to opt for a range of AWS services:

  • AWS EKS for managing the containerized application workloads.
  • Amazon S3 and Amazon EBS (Elastic Block Store) for secure and scalable storage of large volumes of security-related data.
  • Amazon VPC (Virtual Private Cloud) for network isolation, enhancing data privacy and security.
  • AWS Lambda for serverless computing, enabling efficient and cost-effective real-time data processing and analysis.
  • Amazon CloudWatch for comprehensive monitoring and logging, allowing proactive threat detection and rapid incident response.
  • AWS Identity and Access Management (1AM) for stringent access controls to protect sensitive customer data.
  • Amazon API GATEWAY to expose APls.
  • Elastic Cache for caching frequently accessed data.
  • Kafka for real-time data streaming and event-driven processing
  • Elastic search for advanced search and analytics capabilities on data.
  • AWS Key Management Service (KMS) for secure encryption and management of encryption keys.
  • AWS CloudFormation for infrastructure provisioning and management, ensuring consistency and ease of deployment.
  • Amazon Aurora DB for storing metadata and scan information, providing fast and reliable access to scan results.
  • Disaster Recovery implementation to recover and restore IT systems, applications, and data in the event of a natural or man-made disaster. RTO and RPO to determine the recovery capabilities and objectives of the system during a disaster, it will help in making informed decisions regarding the DR strategies and investments.
AWS Architecture And Implementation

Established a collaboration between the client and our internal AWS Solutions Architects to design and implement a highly secure and scalable architecture.

The migration and implementation involved the following steps:

  • Migrated their existing infrastructure to AWS, carefully ensuring data integrity and minimal downtime.
  • Utilized Amazon VPC to isolate sensitive customer data, creating secure subnets and applying network access controls.
  • Leveraged AWS Lambda for serverless data processing, optimizing resource utilization and reducing operational overhead.
  • Mobile app binaries are stored in Amazon S3 buckets, ensuring secure storage and easy access for scanning processes.
  • AWS 1AM controls are implemented to ensure proper access management for secure data handling and scanning processes.
  • Set up Amazon CloudWatch alarms and dashboards to monitor application performance and detect unusual activity indicative of potential threats.
Migration & Deployment

The migration to AWS was carefully planned and executed to minimize any disruption to apps services and customers. Our development and AWS team worked collaboratively to:

  • Conduct thorough testing and validation of the new AWS infrastructure before directing live traffic.
  • Utilize AWS CloudFormation to create infrastructure templates for quick and consistent deployments.
  • Train client's technical teams to effectively manage and monitor the new AWS environment.
Results & Benefits
  • Scalability and Performance: With AWS's elastic scalability, client can now effortless­ ly handle the growing data volume and demand for their mobile security services, ensuring seamless performance for their customers.
  • Data Privacy and Compliance: Implemen­ tation of AWS's robust security features, encryption capabilities, and 1AM controls helped the client to achievse and maintain compliance with various data privacy regulations, earning customers' trust.
  • Threat Detection and Response: Cost OptimizationLeveraging AWS's real-time data processing and analysis capabilities, client has signifi­ cantly improved their threat detection and incident response times, helping customers stay one step ahead of emerging mobile threats.
  • Cost Optimization: By utilizing AWS's pay-as-you-go model and serverless com­ puting, client has reduced their operational costs, enabling them to focus on research and development to further improve their mobile security offerings.
Key Highlights

Value addition to client, its customers and end users

1. Latest application data in systems DB within 5 minutes of its upload to App store/Playstore

2. Crawl, Download and Scan 100K applications in 86400 seconds.

3. 500 GB data process in 24 hours.

4. Bulk data to Elastic Search.

5. Unique Risk Identification Algorithm.