Contact

AI Agents for Software Development Lifecycle Automation in Insurance

A major insurance company with 12,000+ employees wanted to cut engineer hours across analysis, testing, code review, and deployment without disrupting existing workflows. Azati helped design and specify a suite of five AI agents, embedded directly into the client's Azure DevOps infrastructure, that now assist engineers with routine SDLC tasks across the development lifecycle.

Build my AI agent suite
5

AI agents designed and delivered across the full SDLC

12,000+

employees at the client enterprise running the AI-augmented pipeline

12 months

from kickoff to production-ready agent suite

Technologies used

Node.js
Node.js
PostgreSQL
PostgreSQL
Redis
Redis
Kubernetes
Kubernetes
Azure DevOps
Azure DevOps
Docker
Docker
OpenAI
OpenAI
Git
Git

Motivation

Large insurance companies run engineering departments that look, from the outside, a lot like any other large software organization. Hundreds of engineers, dozens of teams, a mature CI/CD pipeline, and a backlog that never gets shorter. The difference is the compliance layer underneath everything: every change goes through security review, every deployment needs sign-off, and every new tool has to clear an architecture committee before it touches production.

The client is a major insurance enterprise with 12,000+ employees, running a significant internal software development operation. The pain they came with was concrete: too much engineer time going into work that felt routine but couldn't easily be skipped. Code reviews that took hours. Unit tests written by hand for every new function. Specification documents cross-checked manually against implementation. Deployment preparation that required pulling in senior engineers for guidance that, in most cases, looked almost identical to last time.

The question wasn't whether AI could help. It was whether AI could be deployed inside a corporate perimeter with the security constraints of a regulated insurer, integrated into an existing Azure DevOps setup, and actually used by engineers who had no patience for tools that added friction instead of removing it. Azati was brought in to answer that question in practice, not in theory.

Business challenges

Challenge 01

Enterprise security requirements that rule out most off-the-shelf AI tools

Sending proprietary source code and internal specifications to a third-party LLM API is a non-starter for a regulated insurance company. Any AI tooling had to run entirely within the corporate perimeter, on the client's own infrastructure, with no data leaving the internal network:

  • LLM deployment on client-owned GPU hardware required
  • SSL, VPN, and VDI access controls throughout
  • Multiple information security reviews before any deployment
  • Architecture committee approvals at each stage
  • No external API calls with sensitive code or documents
#1
Challenge 02

Integration with a complex, mature enterprise toolchain

The client's development infrastructure had years of tooling already in place. Any new agents had to slot into that stack rather than replace it, integrating cleanly with systems that weren't designed with AI in mind:

  • Azure DevOps for tasks, source control, and CI/CD
  • Internal WIKI and documentation systems
  • HashiCorp Vault for secrets management
  • Artifactory for artifact storage
  • Kubernetes-based microservices architecture
#2
Challenge 03

Organizational friction in large enterprise AI rollouts

Getting five AI agents from concept to production inside a 12,000-person company is not primarily a technical problem. The harder challenge is navigating the approval layers, aligning stakeholders, and building enough internal trust that engineers actually use the tools:

  • Multiple architecture committee presentations required
  • Budget and infrastructure constraints shaped scope
  • Remote desktop environment slowed iteration cycles
  • Coordination across security, infrastructure, and engineering teams
#3
Challenge 04

Designing agents that fit real developer workflows

An AI agent that technically works but adds three extra steps to a developer's day won't get used. Each agent had to be designed around how engineers actually work in Azure DevOps, not around what was easiest to build:

  • Pull request review integrated into existing PR workflow
  • Unit test generation triggered without leaving the IDE context
  • Specification check mapped to existing requirements artifacts
  • Deployment assistance surfaced at the natural decision point
#4

The client's requirements

The client needed a partner who could design a production-ready AI agent architecture from scratch inside a constrained enterprise environment, produce complete technical specifications, and own the integration with existing corporate systems. Over 12 months the scope covered the full journey from concept to deployed agents:

  • Design the overall AI agent architecture including LLM routing and microservices layer
  • Produce detailed technical specifications for all five agents
  • Define integration patterns with Azure DevOps, Vault, Artifactory, WIKI, and API gateway
  • Specify internal LLM deployment on client GPU infrastructure using open-source models
  • Design security and access control model compatible with corporate InfoSec requirements
  • Navigate architecture committee reviews and obtain production deployment approvals
  • Deliver agent specifications ready for engineering team implementation

Why Azati?

Systems analysis depth for complex enterprise AI architecture

Designing five AI agents that integrate with a mature corporate toolchain is not a job for a developer who can also do a bit of architecture. It requires someone who can read an existing enterprise system landscape, understand where the integration points are, and produce specifications precise enough that an engineering team can implement without ambiguity. The Azati systems analyst brought exactly that: BPMN, UML, sequence diagrams, REST API design, OpenAPI/Swagger, and experience with async and event-driven architectures.

Practical LLM deployment knowledge, not just API wrappers

Running open-source LLMs on corporate GPU infrastructure and routing requests intelligently between internal models and external APIs requires a different skill set than calling OpenAI from a script. Azati has accumulated hands-on experience with LLM deployment patterns, model selection, and the architectural decisions that make enterprise AI systems reliable in production, not just impressive in demos.

Experience navigating large enterprise delivery constraints

Big companies move slowly for reasons that are often legitimate: security, compliance, risk management. The Azati engineer understood how to work within those constraints rather than against them, progressing through architecture committee reviews, adapting scope to budget and infrastructure realities, and keeping the project moving inside a remote desktop environment that was nobody's ideal working setup.

Embedded delivery model that works inside corporate walls

The engagement ran as a Dedicated Team placement, with the Azati systems analyst embedded directly in the client's team. That meant operating within the client's Agile/Scrum process, participating in sprint planning and reviews, and building the kind of working relationship with internal stakeholders that gets new AI tooling actually used rather than approved and then forgotten.

Bringing AI into your software development process?

Whether you're designing AI agents for an enterprise engineering team or integrating LLMs into an existing pipeline, Azati has the architecture and delivery experience to make it work inside real corporate constraints.

Let's discuss your AI agent project

Solution

01

AIRouter: Intelligent Request Routing

The foundation of the agent suite is a routing layer that classifies incoming requests and directs them to the appropriate agent and LLM backend. Internal QWEN models handle the majority of requests on the client's own GPU infrastructure; the OpenAI API is available for tasks that benefit from it. The router abstracts this decision away from the end user, ensuring the right model gets the right task without requiring engineers to think about model selection.

Key capabilities:
  • Classifies and routes requests across all five agents
  • Balances load between internal GPU models and external API
  • Integrates with corporate API gateway and Kubernetes infrastructure
  • Keeps sensitive code and data within the corporate perimeter by default
02

PR Review Agent: Automated Pull Request Analysis

The PR Review agent connects to Azure DevOps and analyses pull requests automatically when they are opened or updated. It reviews code changes for quality issues, potential bugs, security concerns, and adherence to internal standards, and surfaces findings as comments directly in the PR interface. Engineers get a first-pass review before a human reviewer looks at the code, which means human review time focuses on the things that actually need human judgment.

Key capabilities:
  • Triggered automatically on PR open and update events in Azure DevOps
  • Reviews code quality, logic issues, and security concerns
  • Posts structured findings as inline PR comments
  • Integrates with existing code review workflow without added steps
03

UnitTest Gen: Automated Unit Test Generation

The UnitTest Gen agent takes a function or module as input and generates a corresponding unit test suite. It understands the code structure, identifies edge cases, and produces tests that follow the conventions of the existing codebase. For a large engineering team, the cumulative time saving across hundreds of new functions per sprint is significant, and the consistency of machine-generated tests removes the variability that comes from different engineers applying different levels of rigour to test coverage.

Key capabilities:
  • Generates unit tests from function and module input
  • Identifies edge cases and boundary conditions automatically
  • Follows existing codebase conventions and testing patterns
  • Integrates into the development workflow via Azure DevOps and Git
04

Specification Check: Requirements Validation Agent

The Specification Check agent compares implementation against specification documents stored in the corporate WIKI and connected systems. When a developer submits code, the agent validates that the implementation matches the requirements it was built against, flagging discrepancies before they reach code review or QA. In a large insurance enterprise where specification documents are authoritative and compliance matters, catching mismatches at the development stage rather than later in the cycle saves significant rework time.

Key capabilities:
  • Validates implementation against specification documents automatically
  • Integrates with internal WIKI and documentation systems
  • Flags requirement mismatches before code review stage
  • Reduces late-stage rework from specification drift
05

Deployment Assistance: AI-Guided Deployment Support

The Deployment Assistance agent provides engineers with contextual guidance at the deployment preparation stage. It analyses the changes being deployed, cross-references deployment history and runbooks from internal systems, and surfaces relevant advice, risk flags, and checklist items specific to the current deployment context. For complex enterprise deployments, it reduces the dependency on senior engineers for guidance that is largely pattern-matching against previous deployments.

Key capabilities:
  • Analyses deployment scope and surfaces relevant risk factors
  • Cross-references internal runbooks and deployment history
  • Reduces senior engineer dependency for routine deployment guidance
  • Integrates into CI/CD pipeline via Azure DevOps

Major achievements

Metric / areaBefore engagement with AzatiAfter engagement with Azati
Code review processManual, engineer-dependent first passAI-assisted pre-review via PR Review agent
Unit test writingManual for every new functionAI-assisted generation via UnitTest Gen agent
Specification validationManual cross-check before QAAI-assisted at development stage via Spec Check agent
Deployment preparationSenior engineer guidance requiredAI-assisted via Deployment Assistance agent
LLM infrastructureNo internal AI capabilityQWEN models deployed on corporate GPU hardware
Agent integrationNo AI in DevOps pipelineFive agents live in Azure DevOps pipeline

Security

Security was not an afterthought on this project: it was a primary design constraint from day one. All LLM models run on the client's own GPU infrastructure, meaning no proprietary source code, internal specifications, or sensitive data ever leaves the corporate network. The entire agent suite operates behind SSL encryption, VPN access controls, and VDI-based remote access. The solution went through multiple information security reviews and architecture committee approvals before any component reached production, and the integration patterns were designed to comply with the client's existing InfoSec policies throughout.

Engagement & delivery

Dedicated Team placement embedded in the client's engineering org

The Azati systems analyst worked as a dedicated team member inside the client's organisation, participating in sprint ceremonies, architecture reviews, and stakeholder coordination as part of the client's own team rather than as an external vendor delivering to a brief.

Agile/Scrum with enterprise approval cycles layered on top

The team worked in Agile sprints, but large enterprise delivery means fitting that agility inside a slower-moving approval structure. Progress required navigating architecture committee reviews, InfoSec sign-offs, and budget checkpoints throughout the 12-month engagement:

  • Sprint-based delivery with regular stakeholder demos
  • Architecture committee presentations at key milestones
  • InfoSec review integrated into the delivery process
  • Scope adapted to infrastructure and budget constraints as they emerged

Results & business impact

Five AI Agents Specified and Ready for Implementation

Azati contributed the architecture design and full technical specifications for five AI agents covering the most time-intensive routine tasks in the client's SDLC: code review, unit testing, specification validation, request routing, and deployment guidance. All five went through enterprise approval processes alongside the client's engineering team.

LLM Infrastructure Inside the Corporate Perimeter

Open-source QWEN models were deployed on the client's own GPU hardware, giving the engineering organisation a self-contained AI capability with no external data exposure. The client now owns and operates its own LLM infrastructure, independent of any third-party provider.

AI Embedded in Existing Developer Workflows

The agents integrate directly into Azure DevOps, meaning engineers interact with AI assistance inside the tools they already use rather than switching to a separate interface. Adoption friction is minimal because the workflow change is minimal.

Enterprise Approval Process Navigated Successfully

Getting five AI agents into production inside a 12,000-person regulated insurer required more than technical delivery. Architecture committee reviews, information security assessments, and stakeholder alignment ran in parallel to the specification work over 12 months. The Azati analyst supported this process by producing documentation and specifications clear enough to pass enterprise scrutiny without requiring rework at each approval stage.

SDLC Expertise Retained Inside Azati

The engagement built deep expertise in enterprise AI agent architecture, LLM integration patterns, and the specific tools and processes used in large corporate software organisations: BPMN, UML, OpenAPI, async integrations, message brokers, and microservices at regulated-enterprise scale.

Strategic wins

A few things about this engagement are worth understanding beyond the deliverables:

On-premise LLM deployment as a replicable pattern

Deploying open-source LLMs on corporate GPU hardware, integrating them with an API router, and connecting that infrastructure to a suite of task-specific agents is a pattern that works for any large enterprise that can't send sensitive data to external APIs. The architecture designed here is not specific to insurance: it applies to any regulated industry with similar data sovereignty requirements.

Systems analysis as the critical skill in enterprise AI rollouts

The bottleneck in this project was not the AI models. It was the specification work: understanding existing systems, defining integration patterns, producing documentation precise enough to pass security review and guide implementation. That is systems analysis work, and it is what determined whether the agents actually got built and deployed rather than remaining a concept.

Enterprise approval cycles as a delivery discipline

Most AI tooling projects fail inside large enterprises not because the technology doesn't work but because the project can't survive the approval process. The Azati engineer treated architecture committee reviews and InfoSec assessments as part of the delivery scope, not as obstacles to route around. That mindset is what gets AI from pilot to production in a 12,000-person regulated organisation.

AIRouter as infrastructure, not just a feature

Building the routing layer as a proper piece of infrastructure, rather than hardcoding model selection per agent, gives the client the ability to swap, update, or add LLM backends without redesigning each agent. As open-source model quality improves rapidly, that architectural decision will keep paying off.

Team composition

The engagement ran with a single Azati specialist embedded in the client's team, which is consistent with how complex enterprise AI projects at this stage actually work: the leverage is in architecture and specification, not headcount.

  • Systems Analyst (12 months, dedicated) primary Azati contributor. Responsible for designing all five agent architectures, producing technical specifications and requirements documentation, defining integration patterns with Azure DevOps and corporate infrastructure, navigating InfoSec and architecture committee processes, and coordinating with the client's engineering and security teams. Brought expertise in BPMN, UML, REST API design, OpenAPI/Swagger, async and event-driven integrations, and microservices architecture.

The described expertise is relevant for

  • Enterprise AI agent design and LLM integration projects
  • AI automation for regulated industries with data sovereignty requirements
  • Azure DevOps and CI/CD pipeline AI augmentation
  • On-premise LLM deployment on corporate infrastructure
  • SDLC automation across code review, testing, and deployment
  • Large enterprise AI rollouts requiring InfoSec and architecture committee navigation

Related case studies

Legacy PHP Modernization: Insurance App Upgrade & Support
Insurance
Read more

Legacy PHP Modernization: Insurance App Upgrade & Support

Legacy PHP modernization for a mission-critical insurance accounting app with upgrade without rewrite and infrastructure support.
Managed AI for Invoice & Document Processing
Insurance
Read more

Managed AI for Invoice & Document Processing

Managed AI solution that automates invoice and document processing with seamless ERP integration and built-in compliance.
Insurance Company Electronic Form Submission
Insurance
Read more

Insurance Company Electronic Form Submission

Online application forms automating insurance quote and decision processes.
Promotional Site Generator for Insurance Corporation
Insurance
Read more

Promotional Site Generator for Insurance Corporation

Automated tool generating personalized insurance promotional materials.
ETL Process Enhancement
Insurance
Read more

ETL Process Enhancement

Enhanced ETL process eliminating data inconsistencies for healthcare customer.
Insurance Company MDM And CRM Implementation
Insurance
Read more

Insurance Company MDM And CRM Implementation

Integrated CRM system with Master Data Management optimization.
View all case studies

Last updated

Got a job for Azati? Let’s talk business!

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

What's next?

  • 1. Tell Us Your Story
    Describe your project. We come back within 24 hours with team availability and a rough plan. NDA on request before the first call.
  • 2. Get Your Roadmap
    Receive a detailed proposal with scope, team composition, timeline, and costs tailored to your goals.
  • 3. Start Building
    Azati aligns on details, finalize terms, and launch your project with full transparency.