(781) 645-7800

Executive Summary

The Evolv Express system is a free-flow weapons-detection system that can
screen 3,600 people an hour. The initial release of this groundbreaking product
was standalone devices, installed at customer sites.

However, Evolv has a much broader vision for the product that includes data
analytics, machine learning, and data fusion. The original architecture that relied
on embedded processing, local data storage, and a UI/UX attached to each
freestanding system limited the growth in capabilities for this product.

Supporting customers globally was also a challenge for the Customer Support
organization. The loosely connected freestanding device architecture meant that
devices at each site location had to be monitored and supported individually, a
difficult scenario as Evolv’s shipments scaled.

Evolv and VividCloud both saw these challenges as an IoT migration opportunity.


By turning the Express system into a network of smart, connected, Industrial IoT
devices, a much more ambitious roadmap of new and expanded features became

The first application targeted by Evolv to be migrated from the embedded device
was the UI. VividCloud rearchitected the legacy software into a Progressive Web
Application (PWA) in Angular to improve the UX and allowing it to be used
immediately on Android and Windows devices. As a PWA, could be run on a
variety of other platforms, including MacOS and iOS, should Evolv ever have the
business need.

The second application to be migrated and enhanced was the legacy application
that could only display usage and performance data on the Express systems
screen. To support this and other applications to follow, VividCloud architected a
multi-tenant system on AWS to store usage and performance data from Express
systems deployed globally. The implementation included development of data
pipelines to capture, process, and store the scanner data for all systems on AWS.

A dashboard application was developed allowing users to view the status of all
Express systems deployed and manage those systems through a set of IoT Jobs.
The monitoring solution also provides an analytics dashboard providing users with
several Tableau visualizations of the scanner data.

To meet security standards including tenant data encryption, a strict separation of
environments was implemented to avoid exposing production data to lower
security environments. VividCloud implemented an AWS Account Landing Zone
leveraging AWS Control Tower.

The Landing Zone consists of amongst other core components three AWS accounts
that host multiple sandbox environments for daily development as well as a staging
account for demonstrating different versions of the product and a production
environment. Deployments to AWS have been fully automated leveraging Gitlab
CI/CD pipelines, Ansible Playbooks and AWS CloudFormation.


The Evolv AWS platform was deployed on schedule and operational with every
Express system.

AWS Services

  • AWS Route 53 hosted zones, and DNS records to provide access to the
  • AWS VPC Security Groups, IGWs, NATs, subnets, and route tables to provide a
    secure networking environment
  • AWS ELBv2, Target Groups to route traffic to the Tableau Server Cluster
  • AWS Certificate Manager to terminate HTTPS on the ELBv2
  • AWS Auto Scaling Groups to scale the Tableau cluster based on usage
  • AWS Lambda to perform IoT based workloads as well as proving endpoints
    exposed via API Gateway
  • AWS API Gateway to expose a Rest API endpoint used primarily by the UI
  • AWS CloudWatch Logs, Metrics, and Alarms to simplify monitoring
  • AWS DynamoDB to store customer related information
  • AWS IoT Core to run jobs on scanner hardware as well as receiving scanner
    data for analytics
  • AWS IAM roles and policies to grant access to AWS resources
  • AWS Control Tower to set up an OU for Evolv Technology
  • AWS SSO to provide access to the AWS Accounts
  • AWS Service Catalog to provision AWS Accounts
  • AWS CloudTrail to audit activities in the AWS Accounts
  • AWS S3 to store CloudTrail logs, store scanner data and analytic results, host
    the Web UI
  • AWS SQS to process S3 notifications
  • AWS CloudFront to deliver static web content
  • AWS SNS topics used to notify irregularities to the support team
  • AWS KMS to encrypt data stored in EBS volumes/snapshots, SSM Parameter
    Store and DynamoDB content
  • AWS SSM Parameter Store to store credentials used by the application
  • AWS CloudFormation and StackSets to provision AWS Accounts

Industry: Security

Evolv offers a secure and seamless weapons detection and screening experience for public
and private venues.

Their products make it possible for venues of all kinds to keep visitors safe from concealed
weapons, public health threats and intruders.

Key products include Evolv Express and Evolv Edge.

Founded in 2013, the company is headquartered in Massachusetts, and where their products are
designed and manufactured