Solution · Foundation Zero / Cloud FinOps platform / Serverless · live

Every cloud dollar,
accounted for
every night.

Foundation Zero is a serverless FinOps platform that processes thousands of cost-optimization events nightly across multi-account AWS estates — turning billing noise into ranked, owned, actionable savings.

Request a walkthrough → See how it works
Thousands
Cost events processed nightly
Multi-account
Complete tenant isolation
Seconds
Recommendations surfaced in real time
87score
// Cloud Score+14 ▲ since last run
Monthly spend  $1.24MSaved $312k
RI Reserved Instance coverage 62% → 91% across 14 accounts → ec2
Idle 23 idle NAT gateways — detach & release → vpc
Rightsize Over-provisioned RDS — db.r6g.2xl → xl → rds
Savings Plan Compute SP commitment — 1-yr, no upfront → org
1,284
recommendations
47
accounts
$312k
/mo identified
8
owners
— The problem

Cloud spend grows faster than anyone can track.

Between Reserved Instances, Savings Plans, right-sizing, and resources nobody remembers launching, cloud cost management has become impossibly complex. Reaching even 95% optimization is out of reach for most teams.

The data is there — Cost and Usage Reports, resource metadata, usage patterns — but it's spread across dozens of accounts and millions of line items. By the time someone analyses it, the bill has already landed.

Foundation Zero closes that gap. It processes the whole estate every night, surfaces ranked optimization opportunities within seconds, and routes each one to an owner with a full audit trail — so savings actually get actioned.

// 01 — Ingest & normalize

Every account's billing data, ingested nightly.

Foundation Zero pulls Cost and Usage Reports, resource inventories, and Savings Plan & RI utilization from across your AWS organisation — normalizing millions of line items into a queryable model.

EventBridge schedules the run; Lambda fans out per account; S3 holds the partitioned data lake with lifecycle archival built in.

  • Cost & Usage Reports, resource metadata, usage patterns
  • Multi-account, multi-region, single organisation view
  • Partitioned in S3 — lifecycle-archived to control storage cost
CUR
Cost & Usage Report — prod-account-01
22 Jun · 04:02 · 2.4M line items
a7f4…91c2
RES
Resource inventory — 14 accounts
22 Jun · 04:08 · 9,210 resources
d2e8…3b14
RI
Savings Plan & RI utilization
22 Jun · 04:11 · 38 plans
6c19…f0a5
Partitioned in S3 · lifecycle-archived
// 02 — Detect & rank

Billing noise becomes ranked opportunities.

A fleet of focused Lambda functions analyses the normalized data — Reserved Instance gaps, idle resources, right-sizing, Savings Plan commitments, storage waste — and scores every opportunity by impact.

Each recommendation carries the accounts, resources, and dollar impact behind it. Nothing is surfaced without the evidence to back it.

  • Reserved Instance & Savings Plan coverage
  • Idle & orphaned resource detection
  • Right-sizing across compute, database, and storage
// Opportunity
Reserved Instance coverage gap
$128k / yr
→ 14 accounts
// Idle
23 NAT gateways
→ vpc
// Right-size
Over-provisioned RDS
db.r6g.xl
→ rds
// Savings Plan
Compute commitment
1-yr
→ org
// Storage
S3 multipart leftovers
→ s3
// 03 — Assign & track to closure

From detected to realized savings.

Every recommendation can be assigned to a team member with a full audit trail. Foundation Zero tracks it from detection through action to verified, realized savings — measured back against the next night's Cost and Usage Report.

No spreadsheet hand-offs. No savings that look good in a deck but never land in the bill.

Opportunity detected · RI coverage gap
22 Jun · nightly run
Done
Assigned to owner · Cloud team
22 Jun · auto-routed
Done
Actioned · Reserved Instances purchased
24 Jun · via change request
Done
Savings realized · $128k/yr verified
Now · confirmed against CUR
Now
// 04 — Serverless architecture

Fully serverless, scales to any estate.

Foundation Zero runs entirely on managed AWS services — no servers to babysit. Lambda scales from a single account to hundreds simultaneously; EventBridge orchestrates the nightly run; SQS buffers the work; RDS PostgreSQL aggregates results behind RDS Proxy.

Costs track usage. Quiet periods cost almost nothing; peak nights scale out automatically — the platform practises the cost efficiency it preaches.

foundationzero.core
// event-driven
PAY-PER-USE · auto-scaling
Lambda
processing fleet
EventBridge
nightly schedule
SQS
task queues · DLQ
RDS PostgreSQL
aggregation · RDS Proxy
// 05 — Security & multi-tenancy

Multi-tenant isolation you can prove.

Billing data is sensitive. Foundation Zero enforces complete separation between organisations with AWS Cognito user pools, validates every API request against tenant context, and reads customer billing through short-lived STS credentials.

  • Per-tenant isolation with AWS Cognito user pools
  • Every Lambda assumes a least-privilege IAM role
  • Cross-account billing read via short-lived STS credentials
  • No long-term customer credentials ever stored
Tenant isolation enforced with Cognito user pools
Every interpretation traces to a source line item
Cross-account reads use temporary STS credentials
No long-term customer credentials stored
// processing logthousands of events · nightly
— Where Foundation Zero fits

Built for estates where the bill outgrew the spreadsheet.

Foundation Zero is for teams running real money through AWS — multiple accounts, variable workloads, and a cost surface no one can eyeball anymore.

// 01

Multi-account enterprises

Hundreds of accounts under one organisation, analysed nightly as a single estate — with ranked savings rolled up and broken down by team, application, and account.

Org-wide · rolled up
// 02

Managed service providers

Per-client cost visibility with complete tenant isolation. Show every customer their own ranked optimization backlog — without their data ever touching another tenant's.

Multi-tenant · isolated
// 03

Scaling startups

Catch waste before it compounds. Idle resources, over-provisioned databases, and missed commitments surfaced the morning after they appear — not at the quarterly bill review.

Early signal · fast
// 04

Platform & FinOps teams

A ranked backlog of savings, each with an owner and a dollar value. Track every opportunity from detection to verified, realized savings against the bill.

Owned · tracked to closure
// 05

Regulated estates

Audit-ready cost governance. Source line items retained, interpretations traceable, and a full processing log — built to satisfy a finance or security review.

Audit trail · evidence
// 06

Cost-out programs

Board-level savings targets, broken into accountable line items and tracked to closure — so the number on the slide is the number that lands in the bill.

Targets · accountability
— See it live

See Foundation Zero
score your cloud
estate.

30-minute walkthrough. We connect a read-only role, run a nightly analysis across your accounts, and show you the ranked savings mapped to owners — no slideware, a working trace against your real bill.

connect@cloudandthings.io See related work