
Mesa Security x AWS Activate

Shashi Prakash

The AWS Activate program interested us because we wanted to gain their cloud credits, and more importantly, we saw how valuable AWS Activate was for accessing their new suite of tools, which can allow for efficient scale while minimizing potential infrastructure costs.

In particular, AWS stood out to us with Amazon Bedrock by enabling us to run AI models with complete tenant privacy, ensuring data remains secure and never leaves our infrastructure, while leveraging powerful foundation models without needing to manage the underlying infrastructure. This is extremely important to Mesa’s product requirements as we process large volumes of tenants’ email data.

With AWS Activate, we also found that businesses could leverage the benefits of AWS Activate’s extensive resources and support to enhance their operations.

Our Approach to Building in AWS

AWS Activate provides guidance and resources that are crucial for startups looking to scale efficiently on the AWS platform. By being accepted into the AWS Activate program, we were able to access a myriad of tools in the AWS ecosystem that helped us achieve best practices for development and privacy adherence.

We methodically broke down how we would approach our architecture in AWS with the following 6 steps:

1. Designing the Cloud Architecture

Our cloud strategy leverages the following key AWS products:

  • Amazon Virtual Private Cloud (VPC): Establishing a secure network perimeter to protect against unauthorized access.
  • Amazon Elastic Kubernetes Service (EKS): Deploying a containerized application infrastructure for scalability and high availability.
  • Amazon S3 and Databases: Utilizing Amazon S3 for raw data storage and Amazon RDS for structured threat intelligence.
  • Amazon EC2: Utilizing GPU instances for inferencing with local LLM and VLM models.
  • Amazon SES, SNS and SQS: Processing incoming emails from user submissions, and then using notification and queueing services to further process them in our detection pipeline.

AWS Activate has provided us with the essential tools to streamline our integration processes.

2. Leveraging the Amazon Threat Stack

The heart of the platform lies in real-time threat analysis, powered by AWS’s AI stack:

  • Amazon SageMaker: Training deep learning models on historical attack patterns.
  • Amazon Comprehend: Deriving and understanding valuable insights from text within documents in emails, primarily for phishing and other malicious intents.
  • AWS Glue and Amazon Athena: Running large-scale behavioral analysis across datasets to identify emerging threats.

3. Building an API-First Approach for Seamless Integration

For enterprise customers, seamless integration is crucial:

  • Amazon API Gateway: Developing a RESTful API to expose security insights and integrate with enterprise email systems, including Microsoft 365 and Google Workspace.
  • AWS Step Functions: Automating response mechanisms like blocking malicious senders and triggering security alerts.
  • AWS Lambda: Enabling serverless execution of threat mitigation workflows.

4. Enhancing Security with AWS’s Built-In Features

Security is paramount when handling sensitive data. We reviewed the security and compliance components of the following:

  • AWS Security Hub: Ensuring continuous threat monitoring and compliance enforcement.
  • AWS Key Management Service (KMS): Managing secrets and encryption keys to protect confidential customer data.
  • Amazon GuardDuty: Providing intelligent threat detection and continuous monitoring for malicious activity.

5. Building Privately in Amazon Bedrock

Amazon Bedrock offers a comprehensive, fully managed service that enables developers to efficiently test and deploy AI applications using AWS web services. A couple of features that stood out to us were:

  • Amazon’s Foundational Models: There was a diverse selection of high-performing foundation models (FMs) from leading AI companies such as Anthropic (Claude 3.5), Meta (Llama 3.3), and Mistral AI. We were able to experiment with and evaluate top models tailored to our needs.
  • Serverless Architecture: We could build and scale our generative AI applications seamlessly, integrating them securely into our existing AWS environments.
  • RAG Implementation: To prevent hallucinations, Bedrock offered capabilities for fine-tuning with proprietary email data and for implementing Retrieval Augmented Generation (RAG) techniques.

6. Optimizing Performance & Cost Efficiency

To ensure optimal performance and cost management, we also implemented the following best practices:

  • Auto Scaling with Amazon CloudWatch: Dynamically adjusting compute resources based on demand.
  • AWS CodePipeline: Automating CI/CD workflows for rapid deployment and iteration.
  • Serverless & Event-Driven Architecture: Using Amazon EventBridge for processing high-volume email security events without excessive overhead.

The assistance from AWS Activate is invaluable for businesses aiming to innovate rapidly.

As we continue to explore AWS Activate, we will share more insights on how it enhances our capabilities.

Why AWS Activate?

The most important factors that drew us into building on AWS were:

  • Enterprise-Grade Cloud Infrastructure: AWS’s private cloud capabilities ensure high security and compliance.
  • Comprehensive Service Portfolio: A vast array of services allows for tailored solutions to meet specific needs.
  • Global Reach: AWS’s extensive global infrastructure enables low-latency connections and reliable service delivery.

We’ll be updating this blog in the future with all our experimentation in Bedrock, especially applying RAG techniques to our custom models. Stay tuned!
