Request a Call
Spinner

Processing...

Business Overview

Our client specializes in developing, manufacturing, and distributing healthcare systems, both devices and software, for people with diabetes. Due to the sensitive nature of patient data and the stringent cybersecurity requirements imposed by regulatory bodies, the company prioritizes data protection and maintains rigorous security protocols like HIPAA, FDA, GDPR, etc.

To safeguard information transfer, each product release undergoes multiple cybersecurity checks, from bend testing to code review. Security architects have to analyze the results and prepare a specific software security report as part of the bureaucracy. This ongoing responsibility prevented them from performing more advanced tasks that required their professional knowledge and reduced their productivity.

To remedy the situation, the client decided to develop a system that would automate the process of creating vulnerability and threat reports and reduce the work of security specialists to just reviewing. The company turned to NIX with this request, choosing us for our proven cybersecurity background and vast experience in healthcare development.

Picture 1 600x405

Project Scope

challenge icon

Develop an LLM-based system to autonomously generate cybersecurity reports for medical software and firmware using an internal documentation database and generative AI technologies.

challenge icon

Ensure this system intelligently analyzes identified threats and vulnerabilities and subsequently proposes comprehensive mitigation strategies based on the company’s previous experience.

Solution

Our team developed an LLM-based system with a function-driven architecture that automates repetitive documentation tasks and streamlines cybersecurity administrative workflows, helping meet the client’s high data protection requirements. Deployed in the Google Cloud Platform (GCP), this solution consists of a complex multi-agent application integrated and orchestrated in both Vertex AI Agent Builder and LangGraph.

To provide the platform with proper threat modeling capabilities, we integrated it with the IriusRisk API as a key agentic tool. Our team also integrated it with the necessary enterprise-level systems, including the Oracle database as the final storage for reports. This two-way data synchronization united all interconnected operations and ensured the correct extraction and processing of information for generating reports.

Picture 2 600x405

AI-powered Data Extraction

To optimize information aggregation from the cybersecurity reporting repository, our team used a combination of advanced technologies, including prompt engineering techniques, the retrieval-augmented generation (RAG) approach, and Vertex AI model capabilities. This enabled precise data extraction, efficient analysis, and accurate report generation.

  • Prompt Engineering: Domain-specific prompts allowed the AI to understand complex cybersecurity language and regulatory needs, ensuring well-structured reports and actionable mitigation strategies with minimal corrections.

  • RAG Approach: By combining Google Search grounding with Vertex AI Search, the system accessed both external and internal data sources, delivering reliable, verifiable, and contextually relevant outputs.

  • Vertex AI Models: These models facilitated rapid data processing, accurate information retrieval, and smooth integration with the company’s systems, ensuring synchronized and reliable workflows.

  • LLM Module: To provide the system with advanced LLM capabilities, we used the Google Gemini model’s family as a convenient and effective tool for these tasks.

System’s Functionality

The complex project architecture and high system workload required a Google Kubernetes Engine integration and a custom reports UI, which was developed in Vue.js. This allowed us to implement a sophisticated system with advanced functionality.

  • Intellectual Report Generation. The system collects information from various sources and converts it into government-level reports for regulatory organizations. It uses Google’s AI engine to check the reports and fill in missing fields, freeing security architects from performing these tasks manually.
  • AI-powered Predictions. By leveraging Vertex AI Agent Builder, we designed and deployed conversational agents capable of generating contextually relevant mitigation recommendations directly within the report generation process.
  • Smart Search. We also used Vertex AI’s Agent Builder to create a smart search in the company’s documentation, which allows security architects to look for relevant information for report generation and analysis.
  • Accuracy Reports. NIX equipped the system with special reports to help the company’s management and security engineers understand how accurate the AI ​​is in its forecasts, further improving its operation.

 

Picture 3 600x405

AI Model Optimization

To increase the accuracy of the system’s predictions and the quality of the generated reports, we are constantly improving our AI model. Feeding it curated data from Oracle’s database and internal storages and using automated iterative prompt optimization, we instruct the AI to generate predictions on known data and compare results with expected outcomes. This process can be repeated any number of times to further enhance the accuracy of AI outputs.

Outcome

With this LLM-powered AI Agent system, the client boosted the company’s performance and achieved all of their goals:

  • Significantly enhanced accuracy and efficiency of vulnerability and threat reports, resulting in streamlined security administrative workflows.
  • Automation of repetitive documentation tasks allowed cybersecurity professionals to dedicate their expertise to more strategic and critical endeavors.
  • Analysis of potential risk attack vectors for product releases and post-market activities
  • Access to AI-powered security mitigation strategies for new and existing threats and vulnerabilities
Picture 4 600x405

Success Metrics

1,000+

AI-powered Reports

70%

Less Time Spent per Report

90%

Accuracy of Mitigation Strategies

Team:

Team:

Project Manager Business Analyst Tech Lead 2 DevOps Engineers
Tech stack:

Tech stack:

Google Cloud Vertex AI Agent Builder LangChain Google Gemini Models Kubernetes Vue.js

REQUEST A CONSULTATION

Contact us   

Relevant Case Studies

View all case studies

NLP Chatbot for Accelerating Internal Operations

Healthcare

Success Story NLP Chatbot for Accelerating Internal Operations image

AI Assistant for Enterprise-grade Device Management

Internet Services and Computer Software

Manufacturing

Success Story AI Assistant for Enterprise-grade Device Management image

Smart Home System for Utility Management

Electronics

Real Estate & Property Management

Success Story Smart Home System for Utility Management image
01

Contact Us

Accessibility Adjustments
Adjust Background Colors
Adjust Text Colors