CLOUDIQS × VEXPERTAI · PLATFORM OVERVIEW

Three customer pain points, nine purpose-built solutions.

Every AWS-customer prospect lives in one or more of these three buckets. The platform addresses each bucket with multiple solutions, sequenced from foot-in-the-door to strategic expansion.

v1.0.0 shipped: #1 Cost Anomaly Scanner
2026-05-08
github.com/eduardd76/aws_anomaly_detector

The three pain points

Every prospect call begins by identifying which of these dominates their day.

PAIN 1

Cost waste

Companies running on AWS systematically waste 15–35% of their cloud bill on idle resources, oversized instances, and forgotten infrastructure. AWS's native tools (Trusted Advisor, Cost Explorer, Compute Optimizer) are scattered, gated behind support plans, or produce no actionable dollar values.

  • Idle EC2, RDS, NAT Gateways, EIPs
  • Orphaned EBS, snapshots, log groups
  • Oversized instances; missing rightsizing
  • No central FinOps view
Typical savings surfaced per audit: $5K–$50K/mo

PAIN 2

Security & compliance posture

Regulatory pressure (NIS2, SOC 2, ISO 27001, GDPR, HIPAA) plus a scattered AWS-native security stack (GuardDuty, Security Hub, Inspector, Macie, IAM Access Analyzer). Findings exist; coherent posture and prioritization don't. IAM sprawl is the #1 source of incidents. Incident response is manual at 2 AM.

  • Findings scattered across 6+ AWS services
  • IAM over-permissive policies, unused credentials
  • Compliance evidence gathered manually for audits
  • No automated containment of common incidents
Typical pain: $50K–$500K annual audit + tooling spend

PAIN 3

Modernization & scaling

Legacy architectures hitting bottlenecks. Unclear modernization path. No visibility into when the current architecture will break. Multi-account sprawl with no governance. Customers know they need to modernize but can't quantify the urgency or the "what to do first."

  • Architecture not assessed against AWS Well-Architected
  • No bottleneck prediction (when does my DB break?)
  • 10–100+ AWS accounts with no central governance
  • Roadmap conversations are vibes, not data
Typical engagement: $20K–$200K assessment + roadmap projects

PAIN 1 · COST

Solutions for cost waste

2 solutions
#1 Cost Anomaly Scanner

TACTICAL · FOOT IN THE DOOR
SHIPPED v1.0.0

Connects to a customer's AWS account via read-only IAM, scans 10 high-value cost-waste patterns, computes savings with the AWS Pricing API, and surfaces a ranked list with LLM-generated business narratives. 5-second scans against any account. The flagship "first conversation" that gets us in the door — concrete dollar values are the easiest yes in cloud sales.

10 CHECKS
  • EC2 idle / oversized · EBS unattached · EBS snapshots old
  • Elastic IPs · NAT Gateways idle · RDS stopped or idle
  • S3 no lifecycle · Logs no retention · Lambda unused · Secrets unused

#6 Adaptive Infrastructure Agent

STRATEGIC · CONTINUOUS
LATER

Continuous monitoring + time-series forecasting. Watches CloudWatch metrics across critical resources, projects 30/60/90-day trends with Prophet/ARIMA, and proactively recommends incremental architecture changes before bottlenecks hit. Defers expensive re-architecture by surfacing the small fixes that extend runway. Bridges into pain #3 (modernization) too.

CORE CAPABILITIES
  • Forecasted "days until limit" per resource
  • Architecture lifespan score with extension ROI
  • Specific incremental fixes (rightsize, add replica, switch to on-demand)
  • Change lifecycle tracking: did the recommendation actually help?

PAIN 2 · SECURITY & COMPLIANCE

Solutions for security posture

4 solutions · the largest pillar
#4 Compliance Fabric

STRATEGIC · POLICY-AS-CODE
LATER

Continuous compliance monitoring with policy-as-code (YAML). 150+ pre-built policies covering CIS AWS Benchmark v3, SOC 2, PCI DSS v4, ISO 27001, GDPR, NIS2. Drift detection with optional auto-remediation. Auto-generated audit evidence packs. The "we just got our SOC 2" customer's next call.

CORE CAPABILITIES
  • YAML policy engine (extensible without code changes)
  • EventBridge-triggered drift detection
  • Per-control evidence with screenshots / API responses
  • Multi-account governance via AWS Organizations

#7 IAM Intelligence Agent

BONUS · SECURITY
LATER BONUS

IAM is the #1 source of AWS security incidents. This agent maps every IAM user, role, group, policy across all accounts; flags credential hygiene problems (unused keys, no MFA, root credentials), generates least-privilege policies from actual usage, and visualizes cross-account trust relationships. Surfaces the IAM sprawl customers don't even know they have.

CORE CAPABILITIES
  • Credential hygiene scorecard (unused keys, MFA gaps, root usage)
  • Permission gap analysis (granted vs. used)
  • Auto-generated least-privilege policies
  • Cross-account trust graph + dangerous-pattern detection

#9 Incident Response Automation

BONUS · OPERATIONS
LATER BONUS

Automated containment + forensic collection for common AWS security events (root login, security group opened to 0.0.0.0/0, S3 made public, CloudTrail disabled). Auto-reverts dangerous changes, snapshots affected resources for forensics, escalates by tier (Slack → email → SMS → Jira), generates post-incident reports. The "2 AM page" replacement.

CORE CAPABILITIES
  • Pre-defined containment per event type
  • Automatic forensic data collection (snapshots, CloudTrail, VPC flow logs)
  • Tiered escalation with auto-acknowledgment
  • LLM-assisted post-incident report generation

PAIN 3 · MODERNIZATION & SCALING

Solutions for architecture modernization

3 solutions
#2 Modernization Copilot

STRATEGIC · ASSESSMENT
LATER

Auto-discovers a customer's AWS environment, scores it against the AWS Well-Architected Framework's 6 pillars (Operational Excellence, Security, Reliability, Performance, Cost, Sustainability), and generates a phased modernization roadmap with executive narratives. Replaces the manual "AWS architecture assessment" consulting engagement.

CORE CAPABILITIES
  • Architecture discovery + dependency graph (CFN/Terraform parsing)
  • 6-pillar Well-Architected scoring (0–100 per pillar)
  • Roadmap: Phase 1 (quick wins) / Phase 2 (medium) / Phase 3 (strategic)
  • Drift detection — track improvement velocity over time

#5 Architecture Stress-Test Agent

TACTICAL · BOTTLENECK PREDICTION
LATER

Models a customer's infrastructure against 2x / 5x / 10x growth scenarios. Identifies which resources break first, when (in months at current growth trajectory), and what specific bottleneck (DB connections, Lambda concurrency, EBS IOPS, NAT GW data, etc.). Output: "you're safe until 3.2x traffic; here's what breaks first." The conversation-starter for upcoming traffic events.

CORE CAPABILITIES
  • 30-day baseline + statistical extrapolation per resource
  • AWS Service Quotas integration (catches hard limits)
  • Dependency-aware cascade modeling
  • Interactive growth slider in the dashboard

#8 Multi-Account Governance Dashboard

BONUS · CENTRAL VISIBILITY
LATER BONUS

Single pane of glass across 10–100+ AWS accounts under AWS Organizations. Aggregates security posture, cost distribution, service adoption, and guardrail compliance per account. Identifies the "weakest link" accounts and shadow IT. The first-call answer to "we have 47 AWS accounts and no idea what's happening."

CORE CAPABILITIES
  • Org tree visualization with color-coded health
  • Cost allocation treemap + chargeback report
  • Service adoption matrix (accounts × services)
  • Guardrail compliance heatmap (CloudTrail / Config / GuardDuty / etc.)

Build sequence

Tactical solutions ship first (foot in the door, easy yes). Strategic solutions follow (expansion, retainer revenue).

SHIPPED · NOW
#1 Cost Anomaly Scanner
Working software, v1.0.0 on GitHub. Sellable today.
NEXT · 2026 H2
#3 AI SOC (flagship)
Highest strategic value. ~30% of the build cost of #1 because the chassis is reusable.
FOLLOWS · 2027 H1
#4 Compliance Fabric · #2 Modernization Copilot
Activated by demand from existing pilot customers.
LATER
#5 · #6 · #7 · #8 · #9
Selectively prioritized based on prospect requests + verticals we win first.