Case: Aavalynx – The Secure, Automated Foundation for AI-Driven Legal Tech

Aavalynx is a cutting-edge startup redefining dispute resolution with AI and human legal expertise. They were shortlisted for law.com’s Legal Tech Startup of the Year 2025.

We partnered with Aavalynx to build new environments in Azure, building the entire infrastructure from scratch in a new, untouched tenant, so that they can focus on business logic rather than the nitty gritty cloud infrastructure details.

This blog post describes some of the challenges, quite possibly the same ones as many other startups face when rapidly developing in a security-conscious environment, and how we solved them together with the customer.

Kanto has years of experience in diverse cloud environments of different sizes, and we helped Aavalynx by building a solid foundation fit for their needs.

“We gained a secure ISO27001 compliant infrastructure and a scalable foundation that fits our needs, letting us focus on developing the core of the application. The infrastructure automation now allows us to extend our environment capacity whenever we need it.”

- Markus Kuusisto, CTO, Aavalynx

The Challenge: Evolving Beyond the Prototype

Aavalynx had successfully validated their core product using an initial infrastructure setup. This rapid development environment was essential for fast prototyping, but had reached its limits.

As the company moved toward production usage and sought to onboard enterprise clients, that manually configured setup became a constraint. It could not meet the rigorous security, scalability, and compliance standards required for a ISO27001 certifiable legal tech platform.

To scale their ambitious vision and achieve certification readiness, Aavalynx needed to replace the earlier approach and build a future-proof, secure cloud environment from a blank slate.

The Solution: Fully Automated, Greenfield Azure Deployment

The entire stack was deployed in a fully automated manner using Terraform Infrastructure-as-Code (IaC). While patterns were borrowed from Microsoft’s Cloud Adoption Framework, care was taken not to overcomplicate the codebase. After all, this must be easy to extend by a relatively small team.

This strategic choice guaranteed configuration consistency across standard environments from development, to staging and production, and unlocked the ability to rapidly spin up dedicated, customer-specific environments for clients with specialized needs as well.

Terraform presented its own challenges, as there are some inherent limitations in the Azure provider support related to programmatically creating subscriptions, for example. But we solved this by separating concerns and splitting the codebase in a logical way. This also provides an access control measure and improves security, when higher level permissions are granted only when necessary.

In addition to being automated and thus easily replicatable, a large benefit of the IaC approach is that it documents the solution and makes it easier to onboard new team members when standardized tools and a clear codebase are at hand.

Key solution components included:

• Serverless Efficiency: We leveraged Azure Container Apps to host the core application components, removing the management overhead of virtual machines or full Kubernetes clusters. The containerized approach also provides a migration path in the event that the Container Apps solution is outgrown in the future. In addition, other managed services from Azure were selected to minimize the need for maintaining software that is not a part of the business logic.

• Zero-Trust Security: To ensure certification readiness, all critical services were isolated within a private network. The only internet-facing endpoint is the public application. With TLS used end-to-end and least privilege IAM permissions in-place, delivered just-in-time, we ensured that security is built in rather than an afterthought.

• Sustainable Infrastructure: The entire environment was deployed to a Swedish Azure region, aligning with our goals to build sustainable infrastructure by leveraging the country's majority green electricity mix with strong EU privacy regulations.

• Automated Governance & Flexibility: The solution included fully automated subscription management, with and CI/CD integration using OIDC for access granted only when required, allowing the Aavalynx team to provision and manage new environments—both standard and bespoke client-specific ones—quickly and securely.

The Impact: Certifiable Confidence and Effortless Growth

What started as a successful prototype evolved into a clean, certifiable, and future-proof infrastructure.

By fully automating the Azure deployment, Aavalynx gained:

• Compliance: A foundation ready to pass the rigorous certifications, with an internally-communicating infrastructure.

• Scalability: The ability to provision a complete, production-grade environment in a matter of minutes, ready to support the rapid onboarding of new customers.

• Customization: The power to instantly create unique, dedicated environments for specific enterprise clients, turning infrastructure from a cost center into a competitive advantage for closing large deals.

• Focus: Developers can now focus entirely on enhancing the core AI application, trusting the infrastructure to be secure, consistent, and scalable.

By leveraging Azure Container Apps, private networking, and fully automated IaC, we helped Aavalynx move confidently into production with a foundation ready to grow as their needs evolve.

How Kanto can help

In case you are in a similar situation, or already established on a cloud platform but facing architectural challenges, give us a shout and let's talk more.

We have experience on all the major cloud platforms and have also partnered with European providers Exoscale and Upcloud. 

Design architecture: Create tailored cloud environments optimized for your workloads and fit for your business and teams.

Migrate workloads: Plan and execute migrations from existing infrastructure.

Improve security: Enhance your current environments with least-privilege permissions, or build new secure software pipelines.

Optimize operations: Improve cost efficiency and sustainability of your deployments by choosing the correct tools for the job.

Interested to learn more about Aavalynx? Check out their website!