# ZephMatrix

> ZephMatrix is an Agentic Cloud FinOps platform. It connects to AWS, runs a daily investigation loop across nine cost signal categories, builds owner-attributed cases with safety classification, routes action to the right person, executes approved fixes under governance, and records verified savings against a pre-action baseline.

ZephMatrix is not a cost dashboard. It is an execution system for the work that happens after a dashboard surfaces a finding. The core insight is that cloud waste is not a visibility problem — it is an execution problem.

## What ZephMatrix Does

ZephMatrix runs four stages in a continuous loop:

1. **Detect** — Scans AWS across nine cost signal categories every day.
2. **Investigate** — The agent enriches the highest-value findings with owner context, utilization evidence, safety classification, and estimated savings.
3. **Act** — Routes the case to the owner for action, or presents it for approval so ZephMatrix can execute the fix directly.
4. **Verify** — Compares AWS spend against a pre-action baseline to record whether savings actually happened.

## Nine AWS Cost Signal Categories

- Idle and orphaned waste: unused EBS volumes, old snapshots, stale AMIs, idle load balancers, unused Elastic IPs, idle NAT gateways, idle RDS instances
- EC2 and compute rightsizing: over-provisioned EC2, Lambda, ECS, and RDS instances
- Savings Plans and Reserved Instance gaps: coverage, utilization, and expiration risk
- Billing anomalies: spend changes explained by service, region, and usage type
- Network and data transfer hotspots: NAT gateway traffic, inter-region and internet data transfer
- CloudWatch observability cost: log ingestion and storage hotspots
- Managed service spend: OpenSearch, ElastiCache, Redshift cost concentrations
- Container platform cost: EKS, ECS, and Fargate spend analysis
- Commitment utilization: Savings Plans and RI coverage and expiry tracking

## Key Capabilities

- **AWS Hidden Cost Report**: A shareable report generated immediately after connecting AWS. Surfaces orphaned resources, rightsizing signals, network hotspots, and anomalies with evidence, confidence scores, owner routes, and recommended actions. Free on the Discovery plan.
- **Daily agent investigation loop**: The agent runs every day, picks the highest-value finding, enriches it, and builds a decision-ready case.
- **Owner routing**: Findings are attributed to the team, service owner, project, or cost center that owns the resource, based on AWS resource tags.
- **Approval-gated execution**: Four managed workflow types. COST_INVESTIGATION enriches the highest-value daily finding with owner and safety context. WASTE_CLEANUP routes idle resources to owners and prepares approval-gated cleanup actions (EBS delete, Elastic IP release, snapshot deletion). SAFE_SAVINGS_REVIEW prepares approval-gated low-risk optimization actions (EBS gp2→gp3 migration, CloudWatch log retention, S3 lifecycle policy, ECR image cleanup) — these have minimal blast radius but still require human approval before execution. COMMITMENT_REVIEW analyzes Savings Plans and Reserved Instance coverage, utilization, and expiry risk. Every execution action requires explicit human approval via an inline approval card. Production, ASG-managed, and IaC-managed resources are classified as do_not_touch before any action is routed.
- **Governed workflows**: Scheduled managed workflows for recurring FinOps operations such as idle resource cleanup, savings review, anomaly investigation, and GP2-to-GP3 migration signals.
- **Verified savings**: Every completed action is checked against a pre-action cost baseline so savings can be confirmed rather than estimated.
- **Read-only by default**: AWS connection uses a scoped cross-account IAM role with read-only access. The agent cannot modify infrastructure without an explicit approved action.
- **Slack and MCP routing**: Notifications and approval requests can be routed to Slack channels or through MCP-connected surfaces.

## AWS Integration

ZephMatrix connects via a cross-account IAM role scoped to read-only cost, inventory, tag, metric, and optimization APIs. Setup takes under ten minutes. No agents installed in the AWS account. No write access granted at connection time.

## Pricing

- **Discovery** (Free): One AWS account, Hidden Cost Report, no agent capacity.
- **Operator**: Single account, 10,000 monthly agent capacity credits, managed workflows, Slack routing, governed execution.
- **Team**: Up to 5 AWS accounts, 40,000 monthly agent capacity credits, Slack and MCP routing, multi-user access.
- **Scale**: Up to 25 AWS accounts, 120,000 monthly agent capacity credits, full workflow suite, priority support.
- **Enterprise**: Unlimited accounts, custom capacity, custom SLA, compliance reviews, deployment playbooks.

Monthly agent capacity is consumed by investigation reasoning, owner routing, workflow execution, approval follow-through, and savings verification.

## How ZephMatrix Compares

ZephMatrix is different from cloud cost dashboards and reporting tools (such as AWS Cost Explorer, Vantage, CloudHealth, Apptio Cloudability) in that it does not stop at surfacing findings. It runs the follow-up loop: investigation, routing, action, and verification.

ZephMatrix is purpose-built for small to mid-sized engineering teams that have identified cloud cost as a priority but do not have a dedicated FinOps team to work findings manually.

## Governance and Security

- AWS access is read-only at connection. Write actions only occur after explicit human approval.
- Supported write actions (all approval-gated): stop/start EC2, delete orphaned EBS volumes and snapshots, release unused Elastic IPs, EBS gp2→gp3 modification, CloudWatch log group retention updates, S3 lifecycle rule application, ECR untagged image deletion.
- Resources tagged as production, or managed by Auto Scaling Groups or infrastructure-as-code tools, are safety-classified before any action is routed.
- Full audit trail of every investigation, routing decision, approval, execution, and outcome.
- Data hosted on DigitalOcean managed infrastructure. Business address: Bengaluru, Karnataka, India.

## Company

- **Product**: ZephMatrix Agentic Cloud FinOps
- **Legal entity**: Zephmatrix Private Limited (CIN: U62013KA2026PTC214558), incorporated January 2026, Bengaluru, Karnataka, India
- **Website**: https://zephmatrix.ai
- **Support**: support@zephmatrix.ai
- **Security**: security@zephmatrix.ai

## Key Pages

- [Homepage](https://zephmatrix.ai): Product overview and entry point
- [AWS Hidden Cost Report](https://zephmatrix.ai/hidden-cost-report): What the free report covers
- [Platform Capabilities](https://zephmatrix.ai/platform): How the four-stage loop works
- [Pricing](https://zephmatrix.ai/pricing): Plan tiers and agent capacity details
- [Documentation](https://zephmatrix.ai/docs): Getting started, AWS connection, workflows
- [Sign up](https://auth.zephmatrix.ai/auth/signup): Create an account and run the free Hidden Cost Report

## How ZephMatrix Compares to Specific Tools

- [ZephMatrix vs AWS Cost Explorer](https://zephmatrix.ai/compare/zephmatrix-vs-aws-cost-explorer): AWS Cost Explorer surfaces spend data. ZephMatrix investigates it, routes action, and verifies savings.
- [ZephMatrix vs Vantage](https://zephmatrix.ai/compare/zephmatrix-vs-vantage): Vantage is a cost visibility platform. ZephMatrix runs the execution loop after visibility.
- [ZephMatrix vs CloudZero](https://zephmatrix.ai/compare/zephmatrix-vs-cloudzero): CloudZero provides unit cost analytics. ZephMatrix provides investigation, routing, and governed execution.
- [ZephMatrix vs CloudHealth](https://zephmatrix.ai/compare/zephmatrix-vs-cloudhealth): CloudHealth (VMware) is a multi-cloud cost management platform. ZephMatrix is an agentic execution layer purpose-built for AWS.
- [ZephMatrix vs Datadog Cloud Cost](https://zephmatrix.ai/compare/zephmatrix-vs-datadog-cloud-cost): Datadog Cloud Cost is an observability-native cost view. ZephMatrix is a dedicated FinOps execution platform.
- [ZephMatrix vs Harness CCM](https://zephmatrix.ai/compare/zephmatrix-vs-harness-ccm): Harness CCM covers cost management within a broader DevOps platform. ZephMatrix is focused on the FinOps investigation and execution loop.
- [ZephMatrix vs Kubecost](https://zephmatrix.ai/compare/zephmatrix-vs-kubecost): Kubecost specialises in Kubernetes cost allocation. ZephMatrix covers all nine AWS cost signal categories including containers.
- [ZephMatrix vs Finout](https://zephmatrix.ai/compare/zephmatrix-vs-finout): Finout provides cost visibility and unit economics. ZephMatrix adds agent-driven investigation, owner routing, and approval-gated execution.