Managed Services and Security Engineering for ProSomnus

BUILDSTR

Challenge.

ProSomnus is a medical device company whose digital platform includes the Oxymetrx Patient App and Provider Portal. The platform sits in software-of-medical-device territory, where FDA expectations and cybersecurity controls layer on top of normal cloud operations. The internal team is small and concentrated on the device and the apps.

That left thin coverage for 24x7 cloud operations, formal cybersecurity policy, periodic penetration testing, and regulatory submission engineering. The audit and submission cadence kept rising as the platform evolved. The downside on any HIPAA or FDA finding, or on a security incident, was disproportionately high relative to the engineering capacity ProSomnus could realistically dedicate to prevention.

Solution.

BUILDSTR established a multi-stream relationship under one MSA, with four engagement types running over multiple years. A Managed Services SOW covered 24x7 monitoring, patching, incident response, and continuous operations of the AWS environment, with periodic engineering uplifts. A cybersecurity risk assessment of the Oxymetrx Patient App and Provider Portal was delivered against FDA and HIPAA expectations, paired with a drafted cybersecurity policy and procedure.

A penetration testing engagement was co-delivered with NuVista, producing a vulnerability and penetration test report against the Patient App and Provider Portal. A 510(k) Submission Assistance SOW added engineering and documentation support for the FDA regulatory submission. Tactical engineering landed in flight as needed. Most recently, a major-version Amazon RDS for MySQL upgrade was scheduled across the production database fleet using AWS Blue/Green Deployments, ahead of an end-of-support milestone.

Results.

  • Managed Services SOW renewed with no gap in coverage, sustaining a multi-year continuous-operations relationship.

  • Risk assessment, cybersecurity policy and procedure, and penetration test report delivered as a coordinated package, giving FDA and HIPAA reviewers the artifacts they expect.

  • 510(k) submission engineering support active, on the path to FDA filing.

  • Major-version RDS MySQL upgrade scheduled via Blue/Green Deployments ahead of the end-of-support milestone.

  • Internal team freed to focus on the device and the apps rather than the platform underneath.
