Duolingo English Test leverages AWS WAF, CloudFront, and ECS to deliver a secure, globally distributed assessment platform with real-time proctoring and fraud detection. Test takers connect through AWS WAF and CloudFront edge locations to the Test Delivery Engine running on ECS, which orchestrates question delivery, audio synthesis via Amazon Polly, and session state management in DynamoDB. SageMaker performs real-time scoring and anomaly detection on test responses, flagging suspicious behavior, while secure recordings and score reports are encrypted and stored in S3 under IAM and AWS Organizations governance. This architecture demonstrates defense-in-depth for high-stakes testing: edge security prevents attacks, application-layer anomaly detection catches cheating, and governance controls ensure compliance and data isolation across accounts. Fork this diagram to customize security policies, add additional ML models, or adapt the pattern for other proctored assessment use cases. The design balances low-latency delivery with forensic-grade security, critical for standardized testing platforms handling sensitive learner data.