Back to Resources

How We Built a Product to Solve for Big “I” Incidents: An Engineer’s Perspective
By Kevin Gaffney
How We Built a Product to Solve for Big “I” Incidents: An Engineer’s Perspective

There’s a big difference between “little i” incidents – the types of events that companies face regularly, such as a lost laptop – versus “big I” incidents that impact your organization’s security and reputation as a whole, and can result in significant losses and liability if not properly and immediately addressed. As Epictetus noted 2,000 years ago, it’s not what happens to you, but how you respond that determines the outcome.

The majority of incident response today is based around using a company's existing internal tooling, such as instant messaging, ticketing tools and email. In a “big I” incident, as evidenced by recent and high-profile attacks, a threat actor has gained access and administrative capability over these tools. Internal tooling cannot be trusted, so an out-of-band solution is required.

While an organization’s standard communications tools may be suitable for “little i” incidents, CYGNVS was designed for handling “big I” events with confidence. CYGNVS is architected with security and scalability at the core. CYGNVS leaves the world of PDF response plans behind by enabling your organization to activate actionable prebuilt industry playbooks or develop your own.

The platform enables your organization to connect to an ecosystem of experts. With CYGNVS your organization has an actionable plan, and is securely connected, giving you confidence and control in a cyber crisis.

The technologies that power the CYGNVS platform

Standing on the shoulders of giants and leveraging AWS’ physical infrastructure, managed services, and best practices has enabled CYGNVS to focus on architecting a platform that is there for our customers when they need us most.

Here’s an overview of the technologies that power our platform to help our partners handle incident response at scale.


Serverless architecture - Lambda on AWS

Compute at CYGNVS is architected on AWS Lambda. This gives the platform the capability to scale on demand.

AWS Lambda runs on highly available, fault-tolerant infrastructure spread across multiple Availability Zones. It frees up engineering resources by taking over the infrastructure management, allowing CYGNVS to focus on development of the platform for our customers.

Another key advantage of using AWS Lambda is that it enables the “least privilege” principle. Granular compute enables fine-grained access control of resources compared with a traditional server model.

A single API for all clients - GraphQL

Traditionally, when a feature is built on a platform, APIs are developed separately to support web, mobile and integrations. This leads to features not being available to some applications or exhibiting different behaviors across device types as they were implemented at different times and by different teams.

CYGNVS adopted GraphQL to solve this problem. As CYGNVS develops new features, they automatically become available to all consumers over a single API. The security model is baked into the API, ensuring all requests from internal (Web, iOS & Android) or external applications are treated equally securely.

Scalable persistence - DynamoDB

The scalability attributes of the CYGNVS AWS Lambda compute layer require an equally scalable persistence store. AWS DynamoDB, a fully managed NoSQL database, gives the platform the foundation to reliably service and scale to meet the needs of a dynamically scaling compute layer.

Some of DynamoDB’s key features include:

  • Single-digit response times at scale
  • Seamless data replication across multiple availability zones
  • Fine-grained access control and industry best practices for encrypting data

Benefits of CYGNVS to customers

Now that we’ve looked at what the powerful CYGNVS platform is built on, let’s take a closer look at how the technology helps our customers before, during, and after the incident response process.

Security and compliance at the core

CYGNVS is built on AWS technologies that offer enterprise-grade security protocols and extensive compliance controls. The platform is developed and managed with industry best practices and independently verified as part of our compliance programs. CYGNVS has comprehensive security and compliance programs, details of which can be made available under NDA.

CYGNVS is proud to partner with the world's busiest breach response experts. As part of a rigorous evaluation process, they have conducted extensive evaluations of both the platform and the company, along with conducting their own penetration tests. We also regularly engage with independent third parties to conduct independent penetration tests.

Retain ownership of your data

In today's world of “big I” incidents, the word commonly used to describe the scene is “chaos.” Teams turn to whatever communication tools they have installed on their personal devices, which are often their own personal email and instant messaging tools.

CYGNVS brings order to the chaos, enabling customers to have full ownership of their data. Employees use the platform to collaborate, complete tasks and record material facts of the incident. Vendors are invited into your incident room. Our secure platform provides a central safe place to coordinate your incident response strategy, and to effectively bring all stakeholders together to collaborate in your moment of crisis. CYGNVS combines an unstructured system of engagement with a structured system of record in a single platform.

A secure network of trusted vendors

With CYGNVS, you have fine-grained access control capability to manage what content can be seen by whom and when. The CYGNVS network enables you to connect with an ecosystem of trusted experts while maintaining your ownership of the data. Lawyers, forensics specialists, insurers and and other expert consultants are available at a click-through to help you respond and recover during a crisis.

Seamless scalability

Time is of the essence during incident responses – you can’t wait hours or days to spin up new environments and provision users. CYGNVS has been architected with the principle of dynamically scaling at its core. In fact, our solution has already been put to the test and shown that it can deliver: CYGNVS has processed over 9,000 room operations for a Fortune 100 customer in under a minute.

“Big I” incidents require infrastructure designed to solve “big I” problems. CYGNVS is architected to help enterprises manage incident response quickly and efficiently – so that you can minimize operational disruptions and protect your enterprise, no matter how severe an attack may be.

By Kevin Gaffney
Kevin Gaffney is Chief Technology Officer at CYGNVS and is responsible for the strategic direction of the company’s technology. Kevin is one of the founding engineers responsible for the overall architectural design of the technology that powers CYGNVS. Prior to CYGNVS, Kevin was a principal engineer at Workday. Kevin holds a bachelor’s degree in software engineering from Dublin City University in Ireland.