About TagOne

TagOne LLC is a cloud-based, blockchain-enabled Traceability Management System delivering radical transparency to the food and natural products industry. They are recognized by the US Food and Drug Administration (FDA) as a leader in the segment. TagOne’s Traceability Management System supports streamlined operations for all stakeholders in the food, natural product, and supplement industries to reduce risk and build trust with buyers.

The Challenge

TagOne reached out to Ibexlabs to scan their environment to make sure their AWS infrastructure is Well-Architected and to provide them with honest recommendations to bridge any operational gaps. They also desired to optimize costs wherever possible.

The Ibexlabs Solution

Ibexlabs completed an overall assessment of the TagOne infrastructure using the AWS Well-Architected Framework. As part of the Well-Architected review, Ibexlabs focused on review areas such as security and reliability, which are part of the five pillars of AWS Well-Architected Review. This analysis gave both parties valuable insight for improvement, especially regarding security, reliability, performance, and cost optimization. Solutions were implemented to remediate findings and to help TagOne to achieve a secure and compliant AWS infrastructure with potential cost savings.

During this process, security best practices were set up to adhere to principles of least privilege. This did not reduce the ability of teams to respond to new challenges and opportunities.

AWS Services used:

  • AWS SecurityHub
  • Amazon GuardDuty
  • Amazon Simple Notification Service
  • Amazon S3
  • AWS Systems Manager
  • AWS CloudTrail
  • AWS Web Application Firewall
  • AWS Single Sign-on
  • AWS Backups


Ibexlabs enforced enhanced security by adding a WAF (Web Application Firewall) and improved resilience by implementing backups for S3, RDS, and EC2. With the help of the AWS Systems Manager Ibexlabs automated scanning and the application of patches to a large group of EC2s.

Ibexlabs helped TagOne review the cost optimization recommendations for compute resources using a Compute Savings Plan for EC2s and Reservation Plan for RDS. The result was a potential cost reduction of up to 30% compared with the on-demand pricing for their expected workloads.