DeepWaste detection: Applying cyber methodologies to cost optimization (COP219)

Cloud Cost Optimization Insights from Cybersecurity

Introduction

  • The presenters, Shiron and Dor, discuss how the lessons learned from cybersecurity can be applied to the world of cloud cost optimization.
  • They highlight the challenges faced by FinOps teams in optimizing cloud costs and draw parallels with the security challenges faced by cybersecurity practitioners in the past.

Challenges in Cloud Cost Optimization

  • The cloud is ever-expanding, with over 100 different providers offering thousands of services, making it difficult to maintain cost efficiency.
  • Studies show that over 30% of cloud spend is going to waste, and 82% of organizations report cost optimization as a top challenge.
  • The key challenges include:
    • Access gap: Engineers building cloud products may lack the necessary expertise for cost optimization.
    • Accountability gap: FinOps teams are accountable for cloud costs but lack the ability to directly control them.
    • Data complexity: Dealing with large volumes of diverse data, such as cost and usage metrics, is a significant challenge.

Lessons from Cybersecurity

  • The presenters draw a parallel between the challenges faced by FinOps teams and the previous challenges faced by cybersecurity practitioners.
  • Just as security responsibilities shifted left into the hands of developers (DevSecOps), the presenters suggest a similar shift in the cloud cost optimization domain.

The 05 Solution

  • The presenters introduce "Deep Waste," a continuous detection engine that leverages lessons from cybersecurity to tackle cloud cost inefficiencies.
  • Deep Waste is designed with three key principles in mind:
    1. Continuity: Running daily to provide an updated cloud cost posture.
    2. Actionability: Identifying cost-saving opportunities with clear actions to be taken.
    3. Accuracy: Relying on robust data ingestion and analysis to ensure reliable insights.

Detection and Remediation

  • The presenters explain how Deep Waste operates, with an ETL pipeline that ingests and models cloud data, and a constantly growing set of detection rules.
  • They provide an example of a detection for an archival S3 bucket stored in a non-archival class, highlighting how the tool provides detailed analysis and a clear action plan for remediation.
  • To facilitate adoption, the presenters emphasize the importance of integrating with existing engineering workflows and providing convenient remediation options, such as one-click fixes and infrastructure-as-code integration.

Conclusion

  • The presenters emphasize that cloud cost optimization is a continuous journey, not a one-time destination.
  • The key to success lies in the right technology, collaboration, and empowering engineers to be part of the cost optimization process.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.

Talk to us