The customer needed a secure, scalable, and highly available cloud environment to manage identity, permissions, and operations at enterprise scale. This case study outlines how Crest Data designed and deployed a multi-region AWS cloud operations platform built for resilience and advanced identity governance spanning multiple Regions and Availability Zones, protected by AWS WAF and Shield, powered by Route 53 for reliable DNS, and optimized with an Application Load Balancer (ALB) to efficiently distribute traffic across application tiers
With its AWS-native architecture, the Security platform enables organizations to manage permissions at scale, enforce least-privilege access, and maintain continuous compliance while ensuring a secure, highly available cloud environment.
The customer is a leading multi-cloud permissions management provider recognized for its innovative identity and access governance capabilities. Their platform protects critical cloud infrastructure by offering deep visibility into permissions, continuously monitoring activity, and automatically remediating over-permissioned human and machine identities.
The customer required a secure AWS platform with stronger identity and permissions management to reduce risks from over-privileged accounts and maintain compliance at scale. Traditional IAM controls lacked visibility and automation, creating gaps in governance and security. The challenge was to design a resilient multi-AZ architecture that integrated the products Security for least-privilege enforcement and activity monitoring, while leveraging AWS-native services such as WAF, Shield, GuardDuty, KMS, and Config for protection and compliance. In addition, the platform needed unified observability through CloudWatch, Athena, Prometheus, Grafana, and ELK to ensure operational visibility and faster remediation.
Crest Data helped the customer deploy AWS and integrate Amazon CloudWatch as an Observability platform, infused with DevSecOps best practices.
Core services leverage Amazon RDS (PostgreSQL and MySQL, both Multi-AZ) for relational workloads, Amazon ElastiCache (Redis) for low-latency caching, and Amazon S3 as the foundation of a durable data lake. Encrypted EBS volumes and AWS KMS secure data at rest, while Amazon GuardDuty provides continuous threat detection. AWS Config enforces compliance by evaluating resource configurations against best practices.
For observability, the platform integrates Amazon CloudWatch, Amazon SNS, and Amazon Athena, complemented by Prometheus and Grafana for metrics visualization and the ELK stack (Elasticsearch, Logstash, Kibana) for centralized log analysis. Together, these services deliver unified dashboards, deep operational visibility, and faster incident resolution.
Each customer stack resides in its own AWS account with the same set of Infrastructure.
Implemented environment isolation with dedicated VPCs, subnets, and IAM roles per stack to enhance security and minimize cross-environment impact.
Designed secure VPC architectures with public/private subnets, NAT gateways, and route tables to isolate workloads and control traffic flow.
Implemented multi-AZ Application Load Balancers and Route 53 DNS failover for high availability and seamless traffic distribution.
Enforced network security with Security Groups, NACLs, and VPC Flow Logs, ensuring fine-grained access control and continuous monitoring.
Deployed Amazon RDS for MySQL and PostgreSQL in Multi-AZ configuration, ensuring automated failover with minimal downtime during AZ failures.
Enabled automated backups, snapshots, and cross-AZ replication to strengthen durability and meet strict RPO/RTO requirements.
Configured read replicas across AZs for workload scaling, while cross-region replication provided disaster recovery and business continuity.
Implemented fine-grained IAM policies and role-based access controls, ensuring least-privilege access across AWS resources.
Centralized identity management with AWS SSO and MFA enforcement, strengthening authentication and reducing unauthorized access risks.
Secured sensitive credentials with AWS Secrets Manager and automated key rotation via KMS, eliminating hardcoded secrets in codebases.
Provisioned cloud infrastructure using Terraform and AWS CloudFormation, enabling consistent, repeatable, and version-controlled deployments.
Automated patching, scaling, and configuration management with AWS Systems Manager and Ansible, reducing manual overhead and errors.
Integrated IaC workflows into CI/CD pipelines, accelerating environment provisioning and reducing lead time for changes by 60%.
Centralized Monitoring & Alerting – Integrated CloudWatch with Prometheus and Grafana dashboards to proactively detect anomalies, enabling faster incident response.
Security & Compliance Visibility – Leveraged ELK stack to collect and analyze audit logs, improving traceability and compliance with security standards.
End-to-End Observability – Implemented OpenTelemetry for distributed tracing across microservices, enhancing root cause analysis and reducing MTTR.
A central Grafana server in a dedicated Tools AWS account, which is connected with all environments.
Provides unified dashboards aggregating metrics from all stacks.
Shift Security Left – Integrated automated code, dependency, and container image scanning into CI/CD pipelines to detect vulnerabilities early.
Secure Secrets & Access – Enforced least-privilege IAM policies and managed secrets with AWS Secrets Manager to eliminate hardcoded credentials.
Continuous Monitoring & Compliance – Implemented centralized logging and alerting with CloudWatch, ELK, and OTel to ensure real-time threat detection and audit readiness.
Global Reach & Reliability – AWS offers the largest global infrastructure with multiple regions and availability zones, ensuring high availability and disaster recovery options.
Breadth of Services – 200+ fully managed services (compute, storage, databases, AI/ML, security, DevOps) reduce operational overhead and speed up innovation.
Scalability & Elasticity – Auto Scaling and on-demand resources allow seamless handling of unpredictable workloads without overprovisioning.
Security & Compliance – End-to-end encryption, fine-grained IAM, and compliance with global standards (ISO, SOC, HIPAA, GDPR) provide enterprise-grade security.
Cost Optimization – Pay-as-you-go pricing, Reserved Instances, and Savings Plans lower TCO while enabling flexible budgeting.
DevOps & Automation – Strong native integrations with Infrastructure as Code (Terraform/CloudFormation), CI/CD, and monitoring tools accelerate deployments.
Innovation & Ecosystem – Continuous service innovation and a vast partner ecosystem provide future-ready solutions.
Deployed EC2 instances across multiple Availability Zones with Auto Scaling groups, ensuring resilience against AZ-level failures.
Implemented Application Load Balancer (ALB) to distribute traffic across VM instances, enabling fault tolerance and zero-downtime upgrades.
Leveraged Amazon Route 53 with health checks and DNS failover to provide seamless redirection during regional outages.
Configured Amazon EBS with Multi-Attach and regular snapshots, ensuring data durability and rapid recovery.
Automated instance replacement and recovery using EC2 Auto Recovery, reducing MTTR during failures.
Established cross-region disaster recovery with AMI replication and warm standby architecture, meeting RTO and RPO requirements.
Enforced least-privilege access using AWS IAM policies and role-based access controls, reducing security risks.
Implemented AWS KMS for encryption of data at rest and TLS for in-transit security, ensuring compliance with industry standards.
Integrated AWS Secrets Manager to securely rotate and manage credentials, removing hardcoded secrets.
Enabled AWS GuardDuty and Security Hub for continuous threat detection and centralized compliance monitoring.
Applied automated patching on EC2 and EKS workloads via Systems Manager, minimizing vulnerabilities.
Deployed WAF to protect applications from DDoS and web exploits, ensuring high availability.
Full security stack provisioning time reduced from 3 working weeks manually → <1 working week via Terraform + Jenkins (65% faster).
Implemented automated monitoring and recovery workflows on AWS, reducing manual intervention and cutting operational time by 35%.
Optimized deployment pipelines using Terraform and CI/CD using Jenkins, accelerating release cycles and reducing operational overhead by 40%.
100% of metrics and logs captured via Prometheus + ELK, aggregated in Grafana global dashboards.
Automated scaling and patching reduced unplanned downtime incidents by ~35% YoY.
Crest Data is a data and AI-first product engineering and technology solutions provider specializing in Agentic/GenAI, Cybersecurity, Observability, Data Analytics, Workflow Automation, and Cloud. With 1,200+ experts and a track record of 5,500+ successful projects across 150+ global customers, we help organizations build intelligent, secure, and scalable systems.
Backed by strong partnerships with AWS, Google, Microsoft, Datadog, Dynatrace, ServiceNow, NetApp, and others, Crest Data delivers AI-driven engineering, accelerated migrations, and outcome-focused solutions that power digital transformation worldwide.
Neuwave is an AI-native, composable suite of products purpose-built to accelerate integrations, migrations, and operations for ISVs, enterprises, and technology innovators.
© Neuwaveai.com. All Rights Reserved.
A distinguished technology leader with deep expertise in enterprise software and product engineering, he serves on Crest Data’s Board of Advisors. Sumeet is Managing Director of ServiceNow’s India Technology Centre and Senior Vice President of Engineering for the Core Business Workflows portfolio, overseeing products across HR, Finance & Supply Chain, Workplace, Health & Safety, Legal, and Contract Lifecycle Management. Previously, he held senior leadership roles at Broadcom, Cisco, and CA Technologies, scaling teams behind multi-billion-dollar product portfolios. He holds a degree in Computer Science and serves as Chair of the Telangana Regional Council at NASSCOM.
A strategic business, security, and technology leader with over 25 years of experience across telecommunications, financial services, and software industry verticals, he serves on Crest Data’s Board of Advisors. He currently serves as Vice President and Head of Technology Integrations, Technology Alliances at Netskope, driving strategic security and IT integrations at scale and advancing Netskope Cloud Exchange, recognized as a 2021 CRN Top 10 Cloud Security Tool. Previously, he held leadership roles at AT&T, Riverbed, and Palo Alto Networks, building strategic partner ecosystems and enterprise security programs. A former U.S. Navy Surface Warfare Officer, he actively advises and mentors several technology and consumer services companies.
Â
Aditya Khetan is a Director of Technical Support with over 12 years of experience leading 24×7 global product support operations and customer success initiatives. He has built and scaled high‑performing teams, driving data‑informed improvements in NPS, CSAT, and operational efficiency while managing complex escalations. A Splunk Core Certified Consultant and Architect, Aditya has delivered enterprise solutions for global clients and partners closely with senior leadership to align support strategy with business goals.
Brings extensive sales, business development, and consulting expertise to Crest Data, where he drives strategic growth and builds high‑value enterprise relationships across ServiceNow and IT solutions. With a strong background in strategic alliances and solution‑led sales, he focuses on expanding market presence and partnership ecosystems. Rajeev has a proven track record of engaging C‑suite stakeholders, shaping go‑to‑market strategies, and accelerating revenue in competitive technology markets. His leadership blends commercial acumen with deep industry insight.
Bringing over 20 years of experience in information technology and cybersecurity. He has held senior leadership roles across strategic alliances, technical operations, and information security, including positions at VMRay, Cofense, and financial services firms. A long-time faculty member at IANS Research and owner of First Security Alliance, LLC, he has advised hundreds of clients, authored professional publications, and spoken at numerous security conferences. He holds CISSP, CISM, CRISC certifications and an MS in Information Assurance from Walsh College.
Â
Jeet has over a decade of experience across Security Engineering, Implementations, and Operations. As Director of Business Development at Crest Data Systems, he leads the Tech Sales organization, driving growth, solution positioning, and strategic customer engagement. Previously, Jeet led Managed Services teams and delivered more than 100 Professional Services engagements, specializing in deploying, optimizing, and migrating enterprise security platforms such as SIEM, XDR, and UEBA. His blend of technical expertise and consultative sales leadership enables strong customer relationships and measurable business outcomes.
Â
Damion Desai leads West Coast North American sales for Crest Data, based out of San Jose. With over 25 years of experience in enterprise technology sales spanning semiconductors, optics, manufacturing and software services Damion partners closely with our engineering teams to deliver AI-driven cybersecurity solutions to some of the largest technology companies in Silicon Valley. He is a past winner of the Intel Achievement Award and holds a Computer Science degree from The University of Southern California.
Neha Mashruwala is a highly organized and results-oriented marketing strategist with nearly two decades of experience in driving business growth through strategic marketing initiatives.
Known for aligning marketing strategy with business objectives, Neha brings deep expertise across brand strategy, demand gen and lead gen, product marketing, thought leadership, and end-to-end digital marketing. With a strong understanding of enterprise technology, AI-led marketing, creative storytelling, and data-driven execution, she accelerates go-to-market success with a customer-first mindset.
A Fellow Member of the Institute of Company Secretaries of India (ICSI), she brings over 10 years of experience in corporate governance, secretarial practice, corporate restructuring and transaction advisory, fund raising including IPOs, and capital market transactions. With strong legal acumen, she advises the Board of Directors, ensures compliance with applicable legal and regulatory frameworks, and oversees governance systems across the organization, thereby supporting Crest Data’s commitment to transparency, accountability, and responsible business conduct.
Gaytri brings over 25 years of experience driving revenue growth and customer success across global enterprises. She has led large-scale GTM initiatives, including managing over $100 mn Hi-Tech portfolio as Vice President of Sales at Genpact, and held senior sales leadership roles across leading enterprise technology organizations such as Cisco and Salesforce. An IIT Delhi engineering gold medalist, Gaytri blends technical depth with strategic sales leadership to build trusted C-suite relationships and drive sustained, long-term growth.
Â
Rishi leads strategic partnerships with observability vendors, including AWS, Datadog, and Dynatrace. He brings over 20 years of experience building products, partnerships, and driving customer success across the observability, security, and application infrastructure domains. Most recently, Rishi led product management and customer success teams at PromptQL and Sumo Logic, supporting thousands of customers from Fortune 500 enterprises to emerging startups. He lives in Sacramento, CA with his family and enjoys the outdoors.
Bringing over 15 years of experience in cloud and DevOps engineering, he leads technology strategy and execution across product development and deployment at Crest Data. He has expertise in Kubernetes, containers, and multi-cloud architectures, building platforms for performance and scale. Prior to Crest Data, he co-founded and served as CTO of a cloud-native technology company recognized as a Great Place to Work. Colwin holds a Bachelor’s in Computer Science and multiple Kubernetes and AWS certifications.
As the leader of Business Development and Security Ecosystem at Crest Data, Vance leverages over 25 years of experience in security technology. He previously served as a product manager at Armis, driving technical alliances and integrations, and at Nozomi Networks, where he managed protocols and hardware. Vance holds CISSP and CCSP certifications and a Bachelor’s in Physics and a Master’s in Computer Science from Rochester Institute of Technology. He holds a patent in photoprint digitizing scanner technology. Combining his deep technical expertise with strategic leadership he is deeply involved with customers and ISVs to build innovative Cybersecurity solutions.
Â
With over a decade of experience in IT leadership, he oversees enterprise IT infrastructure, cloud operations, and cybersecurity at Crest Data. He leads a cross-functional IT organization, driving secure, scalable, and resilient systems while enabling key security certifications including ISO 27001, SOC 2, GDPR, and BIA. With deep expertise across AWS, Azure, GCP, and AI-driven security tools, he focuses on strengthening endpoint security, managing inhouse data centers, optimizing cloud costs, and ensuring reliable, well-governed IT operations across the organization.
An HR leader deeply committed to people and culture, Devanshi brings over a decade of experience across diverse industries. As Director, HR at Crest Data, she drives culture-first people practices and builds high-impact HR teams aligned with business outcomes across India and the US teams. Known for her sharp insight, empathy, and storytelling-driven influence, she blends strategy with human connection. Outside of work, she cherishes time with her little one, enjoys playing cricket, and loves reading to him.
With more than 25 years of leadership experience in finance, he oversees financial strategy and operations across domestic and international business units. He leads enterprise-wide financial governance, compliance, and growth planning. With deep expertise across finance, taxation, legal operations, procurement, and revenue assurance, he has helped build and scale businesses, including a technology startup in video analytics. Nirav holds an M.Com, CA, a Diploma in Foreign Exchange Risk Management, and is a D&B Certified IFRS Professional.
 With over 25 years of global experience across technology leadership, large-scale product engineering, and operational excellence. She defines and drives Crest Data’s engineering vision and execution across data and AI foundation for security, observability, automation, and cloud domains. Prior to Crest Data, Neha held senior engineering leadership roles at Cisco and other organizations. She has received several engineering awards including Cisco’s Pioneer award and holds a patent in networking security.
Neha holds a bachelor’s engineering degree in Computer Engineering from Gujarat University and a Master’s degree in Computer Networking from North Carolina State University.
Malhar defines the vision and drives a customer-first, agile, and empowering culture rooted in equality and continuous learning. With over 25 years of enterprise technology leadership, Malhar drives strategic growth in data and AI, security, DevOps, and cloud spaces while fostering innovation and team excellence at Crest Data. His strategic leadership positions Crest Data as an AI-first product engineering and technology solutions provider that accelerates clients’ success in a rapidly evolving technology landscape.
Prior to founding Crest, Malhar held leadership roles in product management at Cisco’s Insieme Business Unit (acquired by Cisco in 2013) and Nuova Business Unit (acquired by Cisco in 2008) where he led the growth of Cisco’s Data Center Switching business from inception to an annualized revenue of over $1.5 bn.
Malhar holds a bachelor’s engineering degree in Civil Engineering from Gujarat University and a Master’s degree in Computer Networking from North Carolina State University.