REMEDI: Agentic AWS Security & Remediation Platform
A full-stack agentic security platform that scans an AWS account across 8 services, generates a findings report, waits for human approval, auto-remediates every vulnerability, then runs a verification pass — all orchestrated by a 5-stage LangGraph pipeline with 8 parallel specialist sub-agents.
Core Impact
“Audits 8 AWS services in parallel in under 5 minutes with zero unauthorized changes via a LangGraph human-in-the-loop safety gate and deterministic MCP tool dispatch.”

Architecture Breakdown
Architected 8-parallel-agent orchestration layer using LangGraph and ThreadPoolExecutor — spawning one specialist sub-agent per AWS service (IAM, S3, EC2, VPC, RDS, Lambda, CloudTrail, Security Groups) with isolated tool sets and LLM loops; parallel execution cuts scan time ~8x vs. sequential.
Implemented 5-stage interrupt-based state machine (Orchestrator → Report Generator → Safety Gate → Remediator → Verifier) with LangGraph's `interrupt_before` checkpoint — zero AWS changes execute without explicit operator approval; agent auto-remediates 100% of detected vulnerabilities after single sign-off.
Engineered custom MCP server subprocess (JSON-RPC over stdio) isolating all boto3 calls from LangGraph; background asyncio event loop bridges async MCP protocol to synchronous LangGraph ToolNode — prevents event-loop conflicts across 8 concurrent agent threads.
Implemented 3-layer credential security: Fernet encryption at rest, 30-min inactivity purge (background thread, 5-min sweep interval), explicit wipe on sign-out — zero plaintext credentials touch disk.
Mapped 8 CIS AWS Foundations Benchmark controls to automated scan checks with per-control pass/fail and aggregate compliance scoring stored in PostgreSQL; reduced per-scan LLM cost to ~$0.02 using Gemini 2.0 Flash.
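The background-event-loop bridge from the MCP item above, sketched as an added example (not REMEDI's own code): one loop on a dedicated thread, with synchronous worker threads handing coroutines to it. `AsyncBridge`, `fake_mcp_call` and `scan_all` are hypothetical names, and the MCP call is a constructed stand-in that contacts neither AWS nor an MCP server.

```python
import asyncio
import threading
from concurrent.futures import ThreadPoolExecutor, TimeoutError as FutureTimeout

SERVICES = ["iam", "s3", "ec2", "vpc", "rds", "lambda", "cloudtrail",
            "security_groups"]


class AsyncBridge:
    """Owns one event loop on a daemon thread; sync callers submit coroutines."""

    def __init__(self):
        self._loop = asyncio.new_event_loop()
        self._thread = threading.Thread(target=self._loop.run_forever, daemon=True)
        self._thread.start()
        self.thread_id = self._thread.ident

    def call(self, coro, timeout=10.0):
        # Thread-safe hand-off: the coroutine runs on the bridge loop while
        # the calling worker blocks on a concurrent.futures.Future.
        future = asyncio.run_coroutine_threadsafe(coro, self._loop)
        try:
            return future.result(timeout=timeout)
        except FutureTimeout:
            future.cancel()  # propagate cancellation to the task on the loop
            raise

    def close(self):
        self._loop.call_soon_threadsafe(self._loop.stop)
        self._thread.join()
        self._loop.close()


async def fake_mcp_call(service):
    # Constructed stand-in for an async MCP tool call (assumption).
    await asyncio.sleep(0.05)
    return {"service": service, "loop_thread": threading.get_ident()}


def scan_all(bridge):
    # One synchronous worker per service, as a sync tool node would call in.
    def worker(service):
        result = bridge.call(fake_mcp_call(service))
        result["caller_thread"] = threading.get_ident()
        return result

    with ThreadPoolExecutor(max_workers=len(SERVICES)) as pool:
        return list(pool.map(worker, SERVICES))
```

Every coroutine executes on the single bridge thread, so no worker thread ever creates or enters an event loop of its own, and a stalled call surfaces as a timeout in the caller instead of blocking the loop for the other workers.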