Anton Lukin, Senior Solutions Architect – AWS
by Artem Kobrin, Head of Cloud and Partner – Neurons Lab
Neuron Lab |
![]() |
Audits are crucial to a strong cybersecurity defense, requiring companies to regularly assess their information systems for vulnerabilities and compliance with industry standards. This process is essential for identifying threats and ensuring regulatory compliance, but it can also place a heavy burden on cybersecurity teams by requiring them to comb through vast amounts of documentation and system configurations.
The complexity and volume of data involved can lead to extended audit times, delayed threat detection, and increased operational costs. Drata’s 2023 Compliance Trends ReportOrganizations spend an average of 4,300 hours per year trying to achieve or maintain compliance, a huge amount of time that could be saved by applying generative AI.
In this article, Neuron Lab, AWS Advanced Tier Service Partners AWS Marketplace sellers with Generative AI, Machine Learning, and Healthcare competencies Peak Defense Automate manual compliance processes with precision.
Peak Defence provides information security compliance consulting services, helping clients meet standards and frameworks such as ISO 27001, NIST, SOC2, etc. Neurons Lab is an AI consulting firm providing end-to-end services for mid-sized and large enterprises.
Peak Defence’s security audit process and RFP response management has been transformed through automation with Amazon Bedrock, Amazon Sagemaker, and Anthropic Claude 3.
Challenge: Increasing demand and competition
Faced with increasing demand, achieving compliance, managing information security systems, and responding to RFPs, it was taking a significant toll on Peak Defence’s employees’ time and resources and limiting the company’s ability to scale.
Peak Defence sought to evolve its services not only to unlock new capabilities but also to remain a market leader in the highly competitive cybersecurity space. Neurons Lab worked with Peak Defence to implement an AI platform on Amazon Bedrock that leverages LLMs (large-scale language models) to automate manual compliance processes.
Peak Defence’s ultimate goal with this project was to accelerate their transition from consulting to a customer-facing SAAS platform. AI allows them to transfer and extend knowledge for their customers, improving security and empowering them to act quickly with clarity amidst vast amounts of data and security threats.
The reason for using AWS services in particular is to maintain control over customer data and ensure it is not placed into an “ungoverned” AI learning environment, a major concern in the cybersecurity world.
Solution: Pioneering Cybersecurity with Generative AI
Several architectural considerations are key to achieving a robust, scalable, and secure platform, including selecting AI models based on performance and adaptability, designing an architecture that supports scalability and efficiency, and integrating advanced security measures to protect sensitive data.
The solution’s document ingestion process is designed to seamlessly integrate company policy documents into a centralized knowledge base.
By leveraging various SaaS platforms and enterprise repositories such as Jira, GitHub, SharePoint, etc., a wide range of organizational knowledge can be collected. This data is processed through LLM embedding models such as Amazon Titan Embeddings G1.
As a new way to search and manage documents, PeakDefense’s AI automation platform now: Quadrant Vector and keyword search.
Vector searches are particularly useful for understanding content in different languages, finding documents with similar meanings, and searching for short pieces of text with typos or whose meaning is unclear without context. However, keyword searches are still used to find exact phrases, such as security standard names or specific terms, to ensure you don’t miss anything.
overview
Peak Defense’s AI automation platform leverages Claude 3 and Amazon Titan, which are essential for automating compliance audits and writing responses to RFPs. These AI models generate human-like text and offer multi-language support, making the solution highly adaptable.
A serverless architecture utilizing AWS Step Functions and AWS Lambda ensures operational efficiency and scalability. This setup allows for dynamic management of fluctuating workloads, which is essential for timely processing of audits and RFPs. AWS Step Functions streamlines the orchestration of microservices and data pipelines, while AWS Lambda integrated with the LangChain framework provides scalability.
Converting complex documents into semantically rich embeddings and storing them in Qdrant enables fast and accurate information retrieval. This process is essential for our Search Augmentation Generation (RAG) approach, which powers AI output with real-time data exploration.
Architecture
Figure 1 – AWS Reference Architecture.
To operationalize the flows, the following process was applied:
- of Active Customers You can upload documents and interact with the system through a web-based user interface deployed using AWS Fargate, a fully managed serverless container service that can automatically scale up and down depending on demand.
- AWS Fargate It hosts an API for initiating processes and orchestrating the entire document and data management sequence.
- AWS Step Functions We orchestrate the workflow by first invoking AWS Lambda to split the audit questions into batches and then process them individually. AWS Lambda executes the LangChain chain, including generating, scoring, and inferring answers for each question.
- StepFunction then consolidates all processed questions into a comprehensive, detailed report covering all enquiries, followed by a short report, customized for your audit purposes, outlining the ISO 27001 requirements along with the compliant or non-compliant status of each standard. LLM (Master of Laws).
As we refine our cybersecurity solutions built on the solid foundation of a scalable, AI-driven architecture, we dive deeper into key aspects of LLM evaluation and testing. This phase is critical to ensure that the solution not only performs optimally under a variety of conditions, but also remains compliant with the dynamic nature of cybersecurity threats and evolving compliance standards.
The evaluation strategy incorporates advanced tools such as: Raga and LangfuseIt includes a set of rigorously defined performance metrics that evaluate LLM output in terms of relevance, precision, hallucination, and fidelity of generated responses.
These metrics serve as a quantitative basis for continuous improvement, allowing us to refine our models with precision and confidence. Figure 2 below shows an example of an evaluation strategy using Langfuse.
Figure 2: Langfuse interface
Key to our success in optimizing LLM performance was our partnership with Peak Defence to jointly develop a test dataset that was specifically designed to simulate a wide range of cybersecurity scenarios and compliance requirements to challenge the model.
Through targeted experimentation and continuous learning mechanisms, performance improvements are tracked over time, ensuring that the solution evolves in line with the latest cybersecurity trends and technologies.
Figure 3: Test dataset
After collecting the feedback, the team systematically processed and analyzed it to extract actionable insights, which were then incorporated into the dataset and served as the basis for further fine-tuning the model and enhancing the AI solution.
This cycle of feedback analysis and dataset integration is essential to continuously improve the solution and evolve it in line with user expectations and technological advancements.
Conclusion
The AI automation platform was launched within three months. With AI solutions, what previously required two to three weeks of manual work can now generate compliance reports and responses to security RFPs within minutes..
Thanks to automated infrastructure provisioning with GitHub Actions and the AWS Cloud Development Kit, we can now deploy new environments from scratch. Just 15 minutesUltimately, compliance consulting, which was once bottlenecked by manual processes, can now efficiently scale to serve more customers.
- Previously, the Peak Defence team had to handle an ever-increasing number of repetitive tasks, draining resources, risking employee burnout, and leaving room for human error.
- Now, Peak Defence is applying a more sophisticated form of human thinking while automating some of the manual steps, saving the team valuable time and ensuring the highest quality delivery for sensitive tasks.
- Peak Defence’s AI automation platform can now generate audit reports in hours instead of minutes, depending on the size of the company.
- This helps customers move through the compliance process faster without missing out on important details or overlooking critical information.
- The platform will enable Peak Defence to provide compliance consulting to its clients more quickly, without compromising on the quality of its service.
Neurons Lab’s global team includes data scientists, cloud specialists, domain and user design experts, and business strategists, backed by a broad talent pool of 500+ engineers. They solve the most complex AI challenges, including automating cybersecurity business operations with generative AI. To learn more about Neurons Lab and its services, Website Check out our offerings on AWS Marketplace or contact us at info@neurons-lab.com for more information.
customer’s voice
“At a time of fundamental transformation, we needed a professional and flexible partner. Neurons Labs helped us add generative AI capabilities to our existing successful platform, allowing Peak Defence to evolve and offer new capabilities to our customers. The Neurons Lab team brings experience, organizational skills and creativity to the project. This combination makes for an efficient and enjoyable collaboration. We have no hesitation in recommending the team.”
– Roman Jacinth, Co-Founder and Director of Peak Defence
NeuronsLab – AWS Partner Spotlight
Neuron Lab AWS Specialized Partner Additionally, AI Consulting offers end-to-end services to help businesses harness the power of AI, from identifying high-impact AI applications to integrating and extending the technology.
Contact partner | Partner Overview | AWS Marketplace | Case Studies