Biopharma firm secures microservices platform against critical risks
A major biopharma firm partnered with Modus Create to standardize and strengthen security across its serverless microservices platform. Through a phased security program, the firm eliminated all critical vulnerabilities and demonstrated that enterprise-grade security can be achieved without slowing down innovation.

Phase 1: Closing gaps at the edge
The first priority for the team was consistent perimeter defense. Our team integrated Cloudflare with Amazon API Gateway and applied AWS WAF v2 at the stage level. This ensured that every request passed through managed rule sets, shutting down bypass paths and eliminating uneven protections across environments.
Phase 2: Building resilience into data
The focus then shifted to workloads and storage. Our team ran application services as AWS Lambda functions, each operating with least-privilege execution roles. Amazon DynamoDB provided encrypted persistence with 35-day point-in-time recovery, ensuring compliance while protecting patient data against loss or corruption.
Phase 3: Cutting complexity out of the network
With the edge and core secured, the team turned its focus to the network footprint. We consolidated thousands of legacy Amazon CloudFront distributions, removing redundant paths and simplifying management. This created a leaner and more maintainable infrastructure with fewer weak spots to defend.
Phase 4: Unifying monitoring and strengthening identity
Finally, the team centralized oversight and reinforced accountability. Using AWS Security Hub, we aggregated findings from Amazon GuardDuty, AWS Config, and planned Amazon Inspector scans into the existing security information and event management workflows, giving security teams a single view of risk.
Amazon Cognito replaced shared credentials with project-scoped role-based access and multi-factor authentication, tightening access controls. The team codified infrastructure through AWS CloudFormation and AWS Serverless Application Model (SAM), making every control versioned, reviewable, and repeatable.
What began as a patchwork of controls transformed into a trusted platform, and the benefits were evident across both operations and security outcomes.
Impact
Complete mitigation of critical risks across the microservices platform
The project was completed in just four months. Its success was demonstrated by the fact that external penetration testing across multiple production services found zero critical or high-risk vulnerabilities. The operational benefits were equally significant:
- 90% reduction in network infrastructure code, simplifying the environment and reducing opportunities for error.
- Security automation closed gaps that had previously required manual oversight.
- Developers continued to move at speed, using standardized secure patterns that allowed new projects to launch without reinventing security controls.
Due to the success of the project, the biopharma company is extending the security model across new platforms, adopting AWS Control Tower for environment segregation, AWS Macie for automated data classification, and preparing AWS Inspector for Lambda functions to strengthen vulnerability management. The effort has evolved into a repeatable enterprise standard, proving that robust security can advance alongside digital innovation in life sciences.


