The customer, through this project, set out to help technology companies strengthen their security posture by automating daily vulnerability detection and delivering AI-enabled code suggestions across thousands of repositories. As adoption expanded, the platform needed to support a multi-tenant environment that could scale reliably while remaining cost-efficient and minimizing operational overhead. This required a cloud-native architecture capable of running large-scale, parallel vulnerability scans, orchestrating automated workflows, securely storing results, and providing real-time operational visibility.
This case study describes how Crest Data leveraged AWS CloudOps best practices to design and implement a fully managed platform using Amazon ECS, AWS Lambda, Amazon SQS, Amazon DocumentDB, Amazon CloudWatch. This helped in optimized networking with Amazon ECR and VPC Endpoints enabling predictable operations, reduced costs, and faster remediation insights to support scalable DevSecOps adoption.
The customer is a leading cybersecurity solutions provider focused on delivering unified asset intelligence and cyber risk management. The organization enables real-time visibility and protection across complex and diverse technology environments, helping enterprises and public-sector organizations continuously identify, prioritize, and remediate security risks at scale. Through its core platform, the customer supports large, dynamic infrastructures by providing actionable insights that strengthen security posture across interconnected digital and operational ecosystems.
The customer needed to deliver a multi-tenant vulnerability scanning platform that could scale to thousands of repositories across multiple tenants while maintaining cost efficiency and operational resilience. The core challenge was to balance scalability, automation, and observability without increasing manual overhead for development teams.
Traditional vulnerability management approaches were either too slow, too costly, or lacked actionable insights, making it difficult for software companies to quickly respond to security issues. The customer required a solution that could run daily scans, centralize results, and provide AI-led code-level remediation suggestions that integrated directly into developer workflows.
If left unaddressed, these challenges would have led to security blind spots across customer repositories, significantly increasing the risk of breaches and compliance violations. Development teams would continue to spend excessive time manually triaging and fixing vulnerabilities, slowing release cycles and eroding customer trust.
Crest Data implemented a multi-tenant SaaS solution on AWS designed to run daily vulnerability scans across thousands of repositories while ensuring scalability and strong observability. The architecture followed AWS CloudOps best practices to balance automation, cost-efficiency and reliability.
The scanning workflow is orchestrated using Amazon EventBridge and AWS Lambda, which trigger the scans once a day. Each repository is scanned using multiple vulnerability scanning tools. The scans are executed in parallel, enabling the system to process large workloads quickly and efficiently.
All scan results are aggregated and stored in Amazon S3, providing durable and cost-effective storage. Each record is tagged with a tenant ID, ensuring logical isolation of data across customers. After results are available, the platform invokes an external AI model via secure API calls, which analyzes vulnerabilities and provides code-level remediation suggestions.
For observability, we integrated Amazon CloudWatch metrics, dashboards and alerts to track scanner performance and task health. In addition, Lambda-based cleaners were implemented to detect and terminate long-running ECS tasks, improving reliability and preventing resource waste.
Finally, to control networking costs, VPC endpoints were introduced for services like S3, reducing data transfer through NAT gateways. This optimization ensured both cost-efficiency and security while maintaining high system performance.
We selected AWS as the foundation for our SaaS tool because of its mature ecosystem of CloudOps services that enable automation, observability and ease of use at scale. With Amazon ECS for containerized workloads, AWS Lambda for event-driven automation, Amazon SQS for decoupled orchestration, and Amazon CloudWatch for centralized monitoring, AWS gave us the ability to design a resilient and cost-efficient multi-tenant architecture with minimal operational overhead. AWS also provides the security, compliance and global reach needed to support enterprise software companies.Â
Features such as VPC Endpoints for private connectivity and Amazon DocumentDB for secure, managed storage allowed us to reduce infrastructure complexity and optimize costs. By building on AWS, we could focus on our differentiator, AI-enabled vulnerability insights and remediation suggestions.
The project delivered significant improvements in vulnerability detection and developer productivity for the customer’s DevSecOps workflows. By orchestrating daily scans across more than 3,000 repositories, the platform ensures continuous visibility into security risks without requiring additional manual effort.
The use of parallel ECS-based scanning reduced processing time by nearly 70% compared to serial executions, allowing daily reports to be generated in hours. This efficiency enabled security and development teams to act on findings more quickly, reducing mean time to detection (MTTD) and accelerating remediation planning.
From a cost perspective, infrastructure expenses were optimized through VPC endpoints and Lambda-based task cleaners, keeping the total operating cost at approximately $150-$200 per day for all tenants combined. This translated into a 25% reduction in network transfer costs and ensured predictable increase in costs as the customer scaled to more repositories.
Finally, by integrating AI-driven code-level suggestions, developers were able to resolve vulnerabilities faster, with early adopters reporting up to a 40% reduction in remediation time compared to traditional static reports. Combined with the AI-driven suggestions gave the developers as well as DevOps teams actionable insights while maintaining high system reliability.
Crest Data is an enterprise technology services and solutions provider with deep expertise in data and AI-driven engineering across Agentic and Generative AI, cybersecurity, observability, data analytics, workflow automation, and cloud technologies. In this case study, Crest Data applied its CloudOps and DevSecOps expertise to build a cost-efficient, scalable AWS platform that enables continuous vulnerability management and supports enterprises in scaling securely with confidence.
Working closely with enterprise customers and supported by strategic partnerships with leading technology providers such as AWS, Google, Microsoft, Datadog, Dynatrace, ServiceNow, and NetApp, Crest Data delivers outcome-focused solutions that accelerate cloud adoption, strengthen security operations, and improve platform reliability.
Neuwave is an AI-native, composable suite of products purpose-built to accelerate integrations, migrations, and operations for ISVs, enterprises, and technology innovators.
© Neuwaveai.com. All Rights Reserved.
A distinguished technology leader with deep expertise in enterprise software and product engineering, he serves on Crest Data’s Board of Advisors. Sumeet is Managing Director of ServiceNow’s India Technology Centre and Senior Vice President of Engineering for the Core Business Workflows portfolio, overseeing products across HR, Finance & Supply Chain, Workplace, Health & Safety, Legal, and Contract Lifecycle Management. Previously, he held senior leadership roles at Broadcom, Cisco, and CA Technologies, scaling teams behind multi-billion-dollar product portfolios. He holds a degree in Computer Science and serves as Chair of the Telangana Regional Council at NASSCOM.
A strategic business, security, and technology leader with over 25 years of experience across telecommunications, financial services, and software industry verticals, he serves on Crest Data’s Board of Advisors. He currently serves as Vice President and Head of Technology Integrations, Technology Alliances at Netskope, driving strategic security and IT integrations at scale and advancing Netskope Cloud Exchange, recognized as a 2021 CRN Top 10 Cloud Security Tool. Previously, he held leadership roles at AT&T, Riverbed, and Palo Alto Networks, building strategic partner ecosystems and enterprise security programs. A former U.S. Navy Surface Warfare Officer, he actively advises and mentors several technology and consumer services companies.
Â
Aditya Khetan is a Director of Technical Support with over 12 years of experience leading 24×7 global product support operations and customer success initiatives. He has built and scaled high‑performing teams, driving data‑informed improvements in NPS, CSAT, and operational efficiency while managing complex escalations. A Splunk Core Certified Consultant and Architect, Aditya has delivered enterprise solutions for global clients and partners closely with senior leadership to align support strategy with business goals.
Brings extensive sales, business development, and consulting expertise to Crest Data, where he drives strategic growth and builds high‑value enterprise relationships across ServiceNow and IT solutions. With a strong background in strategic alliances and solution‑led sales, he focuses on expanding market presence and partnership ecosystems. Rajeev has a proven track record of engaging C‑suite stakeholders, shaping go‑to‑market strategies, and accelerating revenue in competitive technology markets. His leadership blends commercial acumen with deep industry insight.
Bringing over 20 years of experience in information technology and cybersecurity. He has held senior leadership roles across strategic alliances, technical operations, and information security, including positions at VMRay, Cofense, and financial services firms. A long-time faculty member at IANS Research and owner of First Security Alliance, LLC, he has advised hundreds of clients, authored professional publications, and spoken at numerous security conferences. He holds CISSP, CISM, CRISC certifications and an MS in Information Assurance from Walsh College.
Â
Jeet has over a decade of experience across Security Engineering, Implementations, and Operations. As Director of Business Development at Crest Data Systems, he leads the Tech Sales organization, driving growth, solution positioning, and strategic customer engagement. Previously, Jeet led Managed Services teams and delivered more than 100 Professional Services engagements, specializing in deploying, optimizing, and migrating enterprise security platforms such as SIEM, XDR, and UEBA. His blend of technical expertise and consultative sales leadership enables strong customer relationships and measurable business outcomes.
Â
Damion Desai leads West Coast North American sales for Crest Data, based out of San Jose. With over 25 years of experience in enterprise technology sales spanning semiconductors, optics, manufacturing and software services Damion partners closely with our engineering teams to deliver AI-driven cybersecurity solutions to some of the largest technology companies in Silicon Valley. He is a past winner of the Intel Achievement Award and holds a Computer Science degree from The University of Southern California.
Neha Mashruwala is a highly organized and results-oriented marketing strategist with nearly two decades of experience in driving business growth through strategic marketing initiatives.
Known for aligning marketing strategy with business objectives, Neha brings deep expertise across brand strategy, demand gen and lead gen, product marketing, thought leadership, and end-to-end digital marketing. With a strong understanding of enterprise technology, AI-led marketing, creative storytelling, and data-driven execution, she accelerates go-to-market success with a customer-first mindset.
A Fellow Member of the Institute of Company Secretaries of India (ICSI), she brings over 10 years of experience in corporate governance, secretarial practice, corporate restructuring and transaction advisory, fund raising including IPOs, and capital market transactions. With strong legal acumen, she advises the Board of Directors, ensures compliance with applicable legal and regulatory frameworks, and oversees governance systems across the organization, thereby supporting Crest Data’s commitment to transparency, accountability, and responsible business conduct.
Gaytri brings over 25 years of experience driving revenue growth and customer success across global enterprises. She has led large-scale GTM initiatives, including managing over $100 mn Hi-Tech portfolio as Vice President of Sales at Genpact, and held senior sales leadership roles across leading enterprise technology organizations such as Cisco and Salesforce. An IIT Delhi engineering gold medalist, Gaytri blends technical depth with strategic sales leadership to build trusted C-suite relationships and drive sustained, long-term growth.
Â
Rishi leads strategic partnerships with observability vendors, including AWS, Datadog, and Dynatrace. He brings over 20 years of experience building products, partnerships, and driving customer success across the observability, security, and application infrastructure domains. Most recently, Rishi led product management and customer success teams at PromptQL and Sumo Logic, supporting thousands of customers from Fortune 500 enterprises to emerging startups. He lives in Sacramento, CA with his family and enjoys the outdoors.
Bringing over 15 years of experience in cloud and DevOps engineering, he leads technology strategy and execution across product development and deployment at Crest Data. He has expertise in Kubernetes, containers, and multi-cloud architectures, building platforms for performance and scale. Prior to Crest Data, he co-founded and served as CTO of a cloud-native technology company recognized as a Great Place to Work. Colwin holds a Bachelor’s in Computer Science and multiple Kubernetes and AWS certifications.
As the leader of Business Development and Security Ecosystem at Crest Data, Vance leverages over 25 years of experience in security technology. He previously served as a product manager at Armis, driving technical alliances and integrations, and at Nozomi Networks, where he managed protocols and hardware. Vance holds CISSP and CCSP certifications and a Bachelor’s in Physics and a Master’s in Computer Science from Rochester Institute of Technology. He holds a patent in photoprint digitizing scanner technology. Combining his deep technical expertise with strategic leadership he is deeply involved with customers and ISVs to build innovative Cybersecurity solutions.
Â
With over a decade of experience in IT leadership, he oversees enterprise IT infrastructure, cloud operations, and cybersecurity at Crest Data. He leads a cross-functional IT organization, driving secure, scalable, and resilient systems while enabling key security certifications including ISO 27001, SOC 2, GDPR, and BIA. With deep expertise across AWS, Azure, GCP, and AI-driven security tools, he focuses on strengthening endpoint security, managing inhouse data centers, optimizing cloud costs, and ensuring reliable, well-governed IT operations across the organization.
An HR leader deeply committed to people and culture, Devanshi brings over a decade of experience across diverse industries. As Director, HR at Crest Data, she drives culture-first people practices and builds high-impact HR teams aligned with business outcomes across India and the US teams. Known for her sharp insight, empathy, and storytelling-driven influence, she blends strategy with human connection. Outside of work, she cherishes time with her little one, enjoys playing cricket, and loves reading to him.
With more than 25 years of leadership experience in finance, he oversees financial strategy and operations across domestic and international business units. He leads enterprise-wide financial governance, compliance, and growth planning. With deep expertise across finance, taxation, legal operations, procurement, and revenue assurance, he has helped build and scale businesses, including a technology startup in video analytics. Nirav holds an M.Com, CA, a Diploma in Foreign Exchange Risk Management, and is a D&B Certified IFRS Professional.
 With over 25 years of global experience across technology leadership, large-scale product engineering, and operational excellence. She defines and drives Crest Data’s engineering vision and execution across data and AI foundation for security, observability, automation, and cloud domains. Prior to Crest Data, Neha held senior engineering leadership roles at Cisco and other organizations. She has received several engineering awards including Cisco’s Pioneer award and holds a patent in networking security.
Neha holds a bachelor’s engineering degree in Computer Engineering from Gujarat University and a Master’s degree in Computer Networking from North Carolina State University.
Malhar defines the vision and drives a customer-first, agile, and empowering culture rooted in equality and continuous learning. With over 25 years of enterprise technology leadership, Malhar drives strategic growth in data and AI, security, DevOps, and cloud spaces while fostering innovation and team excellence at Crest Data. His strategic leadership positions Crest Data as an AI-first product engineering and technology solutions provider that accelerates clients’ success in a rapidly evolving technology landscape.
Prior to founding Crest, Malhar held leadership roles in product management at Cisco’s Insieme Business Unit (acquired by Cisco in 2013) and Nuova Business Unit (acquired by Cisco in 2008) where he led the growth of Cisco’s Data Center Switching business from inception to an annualized revenue of over $1.5 bn.
Malhar holds a bachelor’s engineering degree in Civil Engineering from Gujarat University and a Master’s degree in Computer Networking from North Carolina State University.