Abstract Security
Palo Alto, California
Cybersecurity
AWS Graviton Amazon EKS Docker / ARM64 Container Images GitHub Actions Terraform / Infrastructure-as-Code Red Panda (ARM64) ClickHouse (ARM64)
Abstract Security is a cybersecurity company whose platform detects threats in real time by processing security data in-stream (before it ever reaches a SIEM), reducing detection latency from hours to seconds. Running a high-throughput data pipeline at up to 50 terabytes per day, the cost of their x86 compute footprint had become a material consideration at scale. Abstract Security engaged Avahi to execute a structured migration of their EKS-based platform from x86 to AWS Graviton processors, validating that their full stack, including specialized components like Red Panda and ClickHouse, could run reliably on ARM architecture at equivalent or better performance and lower cost. The migration was successfully validated at full 50TB/day throughput, positioning Graviton as the standard architecture recommendation across Abstract Security’s own infrastructure and their entire customer base.
Abstract Security is a Palo Alto-based cybersecurity company on a mission to detect and stop adversaries by transforming how security data is managed and analyzed in real time. Their platform executes threat detection in-stream — before data reaches a SIEM or storage layer — compressing detection latency from hours down to seconds. To deliver that capability at enterprise scale, Abstract Security operates high-performance infrastructure processing up to 50 terabytes of data per day, running approximately 20 instances in an EKS cluster for prospect scale testing alongside multi-tenant clusters deployed across AWS, GCP, and Azure for customer environments.
As Abstract Security’s platform scaled, the cost of sustaining their compute footprint on x86 infrastructure became increasingly difficult to ignore. AWS Graviton processors, ARM-based and purpose-built for price-performance efficiency, presented a potential path to meaningful cost reduction. But for a platform where performance is not optional, the question wasn’t simply whether Graviton was cheaper. It was whether Graviton could sustain the throughput their real-time detection architecture demands, without introducing risk to the data pipeline their customers depend on.
The challenge was compounded by the composition of their stack. Abstract Security’s platform includes not just first-party Golang, Python, and Java services, but specialized third-party components, Red Panda, a high-performance streaming data platform, and ClickHouse, a columnar database central to their analytics pipeline. Unlike application code that can typically be recompiled for ARM64, third-party platforms may lack ARM-compatible releases, carry undocumented configuration requirements, or exhibit performance regressions on ARM. For a 50TB/day pipeline, a compatibility gap in either component wasn’t a minor inconvenience. It would invalidate the entire effort.
Abstract Security needed a structured, validated answer to two specific questions: could their complete platform stack run reliably on Graviton, and could it do so at equivalent or better performance than their x86 baseline? The answer would determine Graviton’s viability not just for their own infrastructure, but as a standard architecture recommendation they could confidently extend across their customer base.
Abstract Security’s infrastructure was already deeply rooted in AWS, with Amazon EKS as the foundation for their containerized workloads. AWS Graviton was the natural evolution of that existing architecture, offering ARM-based compute within the same EKS environment, managed through the same Terraform workflows, without requiring a platform change or cloud migration.
Beyond architectural continuity, AWS Graviton is purpose-built for the kind of sustained, high-throughput compute Abstract Security requires. AWS has positioned Graviton as its recommended processor for new workloads based on demonstrated price-performance advantages across a wide range of compute-intensive use cases, making it a well-supported, strategically sound target for a data-intensive platform operating at the scale Abstract Security operates.
Avahi is a premier-tier AWS Partner with proven expertise in containerized infrastructure, EKS architecture, and complex workload migrations. Abstract Security needed more than a team that understood Graviton in theory. They needed a partner who could execute a technically rigorous migration against a stack that included specialized, high-throughput third-party components with no margin for mid-execution surprises.
Avahi’s approach to the engagement was defined by a multi-layered compatibility assessment during Discovery, evaluating not just application code, but build pipelines, GitHub Actions workflows, Docker container builds, ARM-specific binary requirements, and third-party dependency compatibility simultaneously, before a single line of infrastructure was provisioned. This upfront investment in clarity eliminated the most common failure mode in architecture migrations: discovering mid-execution that a critical dependency lacks an ARM64-compatible version. For Abstract Security, where Red Panda and ClickHouse are load-bearing components of a 50TB/day pipeline, that kind of mid-migration blocker would have derailed the project entirely.
By resolving every compatibility question in Discovery, Avahi was able to enter the Execution phase with a fully mapped dependency chain and a clear path to completion, reducing risk, accelerating delivery, and ensuring the validation results would be definitive rather than qualified.
Avahi executed the migration across three structured phases, designed to front-load risk resolution and ensure the final validation would be both comprehensive and credible.
The migration validated that Abstract Security’s complete platform stack, including Red Panda and ClickHouse, runs reliably on AWS Graviton at full production throughput. The Graviton environment sustained the 50TB/day processing requirement with equivalent performance to the x86 baseline, while delivering measurable cost reduction at that compute scale. Abstract Security now has the evidence base to adopt Graviton as a standard architecture recommendation across their own infrastructure and to apply the same migration framework systematically across their customer environments.
Avahi’s reusable migration framework — compatibility assessment across code, pipelines, and dependencies; ARM build workflow creation; environment-matched cluster provisioning; and load-validated throughput benchmarking — positions Abstract Security to extend these gains broadly rather than treating this as a one-time effort.
Let’s explore your high-impact AI opportunities together in a complimentary session
