
Aegis
An enterprise-grade AI-powered API Security Firewall with a Zero-Trust architecture. Aegis combines a reverse proxy, AI threat detection engine, and control plane dashboard to inspect, score, and secure HTTP traffic in real time.
Timeline
7-10 Days
Role
Full Stack / System Engineer
Team
Solo
Status
Completed
Technology Stack
Key Challenges
- Designing Zero-Trust distributed architecture
- Building high-performance reverse proxy
- AI-based threat detection integration
- Multi-tenant RBAC system
- Real-time event-driven logging pipeline
Key Learnings
- Microservices architecture
- API security & WAF design
- gRPC systems
- Event-driven architecture with NATS
- Next.js enterprise dashboards
- System design at scale
Overview
Aegis is an enterprise-grade AI-powered API Security Firewall designed with a Zero-Trust architecture.
It acts as a high-performance reverse proxy that inspects, filters, and secures incoming HTTP traffic using a combination of WAF rules, rate limiting, and AI-based threat detection.
The system is composed of multiple tightly integrated components: a Control Plane for configuration, a Data Plane Proxy for traffic inspection, an AI Threat Engine for intelligent analysis, and a modern Dashboard for real-time management.
Key Features
Core Functionalities
- AI-Powered API Firewall: Detects and blocks malicious traffic in real time
- Zero-Trust Architecture: Every request is authenticated and validated
- WAF + DLP Engine: Rule-based security and data leak prevention
- AI Threat Detection: Identifies SQLi, XSS, and advanced attack patterns
- Rate Limiting & Circuit Breaking: Protects upstream services
- Multi-Tenant System: Isolated organizations with RBAC
- Real-Time Dashboard Control: Manage rules and monitor traffic instantly
System Architecture

Aegis is built as a distributed microservices system:
1. Control Plane
- Manages authentication, RBAC, and configuration
- Built with Go, PostgreSQL, Clerk
- Handles multi-tenant organization management
- Provides APIs for firewall rule control
2. Data Plane (Proxy)
- High-performance reverse proxy (core firewall engine)
- Enforces WAF, DLP, and rate limiting rules
- Communicates with AI engine via gRPC
- Streams logs via NATS for analytics
3. AI Threat Engine
- Python-based gRPC microservice
- Analyzes request payloads and headers
- Detects malicious patterns (SQLi, XSS, etc.)
- Returns threat score and classification
4. Analytics Worker
- Consumes logs from NATS event stream
- Aggregates traffic and system metrics
- Stores processed data in PostgreSQL
5. Control Plane Dashboard
- Built with Next.js 15 + Tailwind CSS
- Provides UI for managing firewall rules
- Multi-tenant workspace management
- RBAC-based access control (Admin / Viewer)
- Real-time updates via API sync
How It Works
- Client sends request → Aegis Proxy
- Proxy applies WAF + rate limiting checks
- Request sent to AI Engine for threat scoring
- Decision (allow/block/flag) is returned
- Logs streamed to NATS
- Analytics Worker processes telemetry
- Dashboard reflects real-time system state
Example Workflow
$ curl https://api.example.com/data
Step 1: Request intercepted by Aegis Proxy
Step 2: WAF rules evaluated
Step 3: AI Engine analyzes payload
Step 4: Threat Score = Low
Step 5: Request Allowed ✔
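The decision path listed under How It Works (WAF check, rate limit, AI score, verdict, log event), sketched in Go as an added example; this is not Aegis's own code. The `Gateway` type, the `Score` and `Emit` callbacks standing in for the gRPC engine and the NATS publisher, the 0.5/0.8 thresholds, and the fail-closed behaviour on engine errors are all assumptions.

```go
package main

import (
	"fmt"
	"regexp"
	"time"
)

// Gateway is a hypothetical stand-in: Score replaces the gRPC AI engine call, Emit the NATS publisher.
type Gateway struct {
	WAF    []*regexp.Regexp
	Limit  int64 // requests allowed per client per Window
	Window time.Duration
	Score  func(payload string) (float64, error)
	Emit   func(event string)
	hits   map[string]struct{ id, n int64 } // fixed-window counter per client
}

func (g *Gateway) Decide(client, payload string, now time.Time) (verdict string) {
	defer func() { g.Emit(fmt.Sprintf("client=%q verdict=%s", client, verdict)) }()
	for _, rule := range g.WAF { // 1. rule-based WAF check
		if rule.MatchString(payload) {
			return "block"
		}
	}
	if g.hits == nil {
		g.hits = map[string]struct{ id, n int64 }{}
	}
	w := g.hits[client] // 2. rate limit: reset the count when a new window starts
	if id := now.UnixNano() / int64(g.Window); w.id != id {
		w.id, w.n = id, 0
	}
	w.n++
	g.hits[client] = w
	if w.n > g.Limit {
		return "block"
	}
	if score, err := g.Score(payload); err != nil || score >= 0.8 { // 3. AI score
		return "block" // assumption: fail closed when the engine errors
	} else if score >= 0.5 {
		return "flag" // assumed thresholds, not taken from the page
	}
	return "allow"
}

func main() {
	g := &Gateway{Limit: 2, Window: time.Minute, Emit: func(e string) { fmt.Println(e) },
		Score: func(string) (float64, error) { return 0.1, nil }} // constructed scorer
	g.Decide("10.0.0.1", "GET /data", time.Now())
}
```

The deferred `Emit` call runs on every return path, so blocked requests produce a log event just as allowed ones do, and `%q` quotes the client identifier so it cannot break the log line format.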