This case study details the successful implementation of build automation and observability for our Extended Detection and Response (XDR) product on AWS. Following AWS best practices, the solution harnesses native cloud services to deliver comprehensive visibility, high availability, and operational efficiency. By integrating tightly with AWS’s secure and scalable infrastructure, the deployment enables real-time monitoring, accelerates incident response, and optimizes system performance.
The customer is an innovative cybersecurity firm focused on developing cloud-native, scalable, and intelligent security solutions tailored for modern enterprises. Their flagship XDR platform emphasizes advanced threat detection, automated response, and deep observability across complex, distributed environments. By leveraging AWS, the customer ensures secure, resilient, and high-performance deployments that conform to industry standards and best practices.
The customer faced a distinctive architectural challenge: deploying their XDR product directly within end-users’ cloud environments without having direct access or administrative control. This required designing a fully automated, zero-touch deployment framework capable of operating reliably across heterogeneous customer infrastructures. Additionally, securing communications—through automated management of VPN tunnels and encrypted data flows—without manual intervention added significant complexity.
If unaddressed, these challenges risked causing deployment delays, increasing operational overhead, and introducing security vulnerabilities. More importantly, failure to automate observability and maintain secure, scalable communications would have impeded product adoption, eroded customer trust, and compromised the ability to deliver a seamless, secure experience to end-users.
The customer selected AWS as the cloud platform for its solution due to its extensive portfolio of native services, global scalability, and industry-leading security features. AWS offered the flexibility and reliability necessary to support a highly distributed, customer-managed deployment model, enabling seamless deployment of the XDR product across diverse end-user cloud environments. With services like AWS CloudFormation and AWS Systems Manager, the platform facilitated automation of complex deployment and observability workflows at scale.
Moreover, AWS’s strong security architecture and compliance framework aligned closely with the customer’s zero-trust principles, where secure communication and data integrity were paramount. By adopting AWS, the customer was able to deliver a secure, scalable, and cloud-agnostic XDR solution with minimal operational complexity.
The customer engaged the partner for their specialized expertise in cloud-native security solutions and deep familiarity with the AWS ecosystem. The partner successfully designed and implemented the XDR platform to fulfill the unique requirement of secure, autonomous deployments within end-user environments—without requiring direct administrative access. By utilizing AWS’s scalable infrastructure, the partner delivered a highly automated and resilient platform aligned with cloud best practices.
A distinguishing factor was Crest Data’s capability to build a federated observability architecture, enabling each new tenant deployment to be automatically integrated into a centralized monitoring and analytics system. This approach provided unified, real-time visibility and operational insights across all environments. Crest Data’s combined strength in AWS architecture and infrastructure automation positioned them as the optimal choice to address the customer’s complex security and deployment needs.
Crest Data addressed the customer’s challenge of automating the deployment of their product in AWS by designing a scalable, secure, and fully automated cloud architecture. The solution emphasized seamless tenant onboarding, infrastructure as code, continuous integration and deployment (CI/CD), and robust observability, all tailored to meet enterprise-grade requirements. This implementation leveraged DevOps and GitOps best practices.
The deployment process was initiated using AWS CloudFormation, which provisioned the foundational networking infrastructure, including VPCs, Subnets, NAT Gateways, Internet Gateways, Security Groups, and Route Tables. Additionally, the CloudFormation template deployed EC2 instances configured as self-hosted GitHub Actions runners for Crest Data’s private repositories. Leveraging these EC2 runners, further infrastructure components were provisioned using Terraform in conjunction with GitHub Actions workflows.
The deployment infrastructure incorporated Amazon EKS to host tenant workloads as well as observability components. Persistent storage for EKS workloads was facilitated through AWS EFS and EBS, while AWS S3 was employed for long-term, cold storage requirements.
The architecture featured multiple AWS Load Balancer endpoints to serve microservices and observability-related traffic, all secured through mutual TLS (mTLS) enabled by underlying NGINX ingress controllers.
Each onboarded tenant environment operated its own Prometheus instance, which was scraped securely over mTLS by a central SaaS Prometheus deployment, providing granular observability into tenant-specific metrics. Furthermore, tenants deployed Logstash instances responsible for forwarding log data to a centralized Elasticsearch cluster hosted within Crest Data’s SaaS platform. This architecture ensured secure, comprehensive, and scalable observability across all tenant environments.
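The tenant-to-central scrape path described above could be configured along these lines. This is an added illustration, not Crest Data's or the customer's configuration; the hostnames, namespaces, secret and service names, file paths, and the use of Prometheus's /federate endpoint are assumptions.

```yaml
# --- Central (SaaS) Prometheus: prometheus.yml fragment ---
scrape_configs:
  - job_name: tenant-federation            # hypothetical job name
    scheme: https
    metrics_path: /federate                # assumption: tenants expose the federation endpoint
    honor_labels: true                     # keep the tenant's own job/instance labels
    params:
      'match[]':
        - '{job=~".+"}'                    # narrow to the series the central side actually needs
    tls_config:
      ca_file: /etc/prometheus/tls/tenant-ca.crt   # CA that issued the tenant ingress certificate
      cert_file: /etc/prometheus/tls/central.crt   # client certificate presented to the tenant
      key_file: /etc/prometheus/tls/central.key
      # insecure_skip_verify is left at its default (false): enabling it would
      # drop server authentication and leave only one half of mTLS.
    static_configs:
      - targets: ['prometheus.tenant-a.example.com:443']   # placeholder hostname
        labels:
          tenant: tenant-a                 # constructed tenant label
---
# --- Tenant cluster: NGINX ingress in front of the tenant Prometheus ---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: prometheus-federate                # hypothetical resource name
  namespace: monitoring
  annotations:
    # Reject any request that does not present a certificate signed by the
    # CA stored (as ca.crt) in the referenced secret.
    nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
    nginx.ingress.kubernetes.io/auth-tls-secret: "monitoring/central-client-ca"
    nginx.ingress.kubernetes.io/auth-tls-verify-depth: "1"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - prometheus.tenant-a.example.com
      secretName: prometheus-tenant-tls    # server certificate and key for the tenant endpoint
  rules:
    - host: prometheus.tenant-a.example.com
      http:
        paths:
          - path: /federate                # expose only the federation path, not the full UI/API
            pathType: Exact
            backend:
              service:
                name: prometheus-server    # hypothetical service name
                port:
                  number: 9090
```

Using a separate client CA per tenant, rather than one CA shared by all tenants, keeps a leaked central client certificate from being accepted everywhere at once.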
Infrastructure Automation
Entire infrastructure defined using Infrastructure as Code (IaC).
Terraform scripts and Helm charts (stored in Git) define network, compute, and security resources.
GitHub Actions and ArgoCD automated deployment of Terraform/Helm stacks on code merges.
Monitoring & Logging
A federated observability architecture was implemented using Prometheus and the ELK stack (Elasticsearch, Logstash, Kibana), enabling centralized monitoring and logging across all tenant environments.
Metrics are collected using Prometheus within each tenant cluster and securely transmitted over mTLS to the central customer SaaS platform.
Logs are forwarded via Filebeat and visualized through Kibana, with data securely ingested into a centralized Elasticsearch cluster.
Both logging and monitoring pipelines are fully automated to ensure consistent deployment, scalability, and operational efficiency across all environments.
Environment Setup
The customer’s SaaS platform and each tenant environment are deployed in separate AWS accounts, ensuring strict isolation, enhanced security, and regulatory compliance.
Each environment is provisioned with its own dedicated VPC containing public and private subnets.
Subnets are distributed across three Availability Zones (AZs) to provide high availability and fault tolerance.
DevSecOps Best Practices
Version-controlled infrastructure code.
Rolling upgrades for services.
Secure secrets management with AWS Secrets Manager and 1Password.
The deployment of the automated XDR platform on AWS delivered significant operational and strategic benefits to the customer. By leveraging AWS-native services alongside infrastructure-as-code and GitOps practices, the partner enabled fully automated, repeatable, and scalable tenant provisioning. The streamlined automation process reduced deployment time for new environments from numerous hours to under 30 minutes, improving engineering efficiency and accelerating customer onboarding.
The solution also drove cost efficiency. By using scalable services like Amazon EKS and storage tiers such as EBS, EFS, and S3, the customer reduced infrastructure and maintenance costs by over 35% compared to traditional deployment models. GitHub Actions and self-hosted runners eliminated the need for third-party CI/CD tooling, further optimizing cost and control.
Operational visibility improved significantly through a multi-tenant observability model that centralized monitoring and logging while maintaining strict isolation and security. With Prometheus and Elasticsearch integrated across tenants and securely accessed via mutual TLS, the team achieved 70-80% faster incident detection and response times, while also reducing MTTR (mean time to resolution) across environments.