AWS Infrastructure audit for SaaS Application

Learn how we reviewed the existing infrastructure for a SaaS application and helped improve its security, reliability and availability.

Executive Summary

Case study on an AWS infrastructure audit with security and performance evaluation performed for a growing startup.

About the Subject

KaizApp was founded by specialists in Lean manufacturing with a combined 50 years of experience across leadership positions in corporates, private equity and consulting to 80+ enterprises across 20+ sectors.

Based on their experience, it remains vital for businesses to sustain an enterprise-wide culture of Continuous Improvement (CI) to maintain long-term competitiveness. Unfortunately, this is far less commonly achieved, largely because CI has proved complex to manage across an enterprise.

To solve these issues, KaizApp created a “mobile-first” digital tool based on the Toyota version of PDCA, which involves a structured and scientific approach. The tool replaces an array of incumbent software applications and keeps improvement simple, standardised and in every employee’s pocket.

Challenges and Objectives

KaizApp was focused on building the product and had a very product-oriented team. Infrastructure, and AWS in particular, was not the KaizApp team's main area of expertise. They were focusing on product validation, so building reliable and secure infrastructure had not been the main priority and had not received much effort.

As the launch date was coming close, KaizApp was looking for a reliable partner that would audit what they had built, assess what needed to be fixed, and help introduce those fixes before going live.

Our objectives were to improve the following aspects:

Security

  • Networking - VPC with private/public subnets.
  • Encryption - both at rest and in transit, enabled wherever possible.
  • Handling AWS credentials - using roles instead of access/secret keys.
  • Narrowing down all the permissions and open ports.
  • Handling application secrets using secure storage.
  • Adding Web Application Firewall to filter incoming traffic on the application layer.

Reliability

  • Introducing a multi-AZ setup for the most crucial components like DBs and the application hosts.
  • Performing disaster recovery tests and tuning all the elements of the setup.

Operational Excellence

  • Improving deployment process.
  • Refining IaC scripts, making them more robust and up to date with the existing infrastructure.
  • Adding detailed monitoring using Datadog and setting up alerting on the most important metrics.

Cost Optimization

  • Buying reserved instances for all the nodes.
  • Reducing monitoring costs by optimizing the log format and its verbosity, and fine-tuning the Datadog integration with AWS.

Benefits

Thanks to the support of our certified engineers, KaizApp was able to fill all the gaps very quickly. It was more than direct help: all the steps were documented and the knowledge was transferred to the team, so they were able to continue on their own with minimal help and guidance from us.

The fact that Pattern Match is a certified AWS Consulting Partner gave KaizApp confidence that the proposed solutions would be efficient, performant and secure, so they could focus on the core of their business.

I wouldn’t hesitate to work with them. They are very good at what they do and they’re good at hiring experienced professionals. I would go ahead and hire them.

Nick Racster

Founder of KaizApp

Results

After the most important issues were tackled, KaizApp started to onboard its first pilot customers. Everything went smoothly, without any issues caused by the newly created infrastructure.

The newly introduced monitoring and alerting turned out to be crucial for detecting and fixing issues on the application side very quickly.
