The Problem: FinOps and SecOps teams are fundamentally at odds. FinOps wants to aggressively terminate idle resources to save money, but doing so blindly can break infrastructure. SecOps wants to patch vulnerable resources, but lacks visibility to know if a vulnerable resource is just an abandoned prototype that should be deleted instead. The Solution: Marrow. Marrow connects AWS Cost Explorer and AWS Security Hub. It ingests billing data and security findings, correlates them by resource_id, and feeds this context to an advanced LLM reasoner powered by Fireworks AI and AMD Instinct MI300X. How It Works: Data Ingestion: Ingests JSON exports from Cost Explorer and Security Hub. Correlation: Calculates a weighted "Risk Score" for each resource based on severity. AI Reasoning: The data is passed to an LLM via the Fireworks API. With both cost and risk context, it makes nuanced decisions (e.g., "This instance has critical risks but 0% utilization. Don't patch it; terminate it to save $1,200/yr"). Output: A FinOps-friendly dashboard tracking projected savings and reduced attack vectors, with PDF exports. Built for AMD & Fireworks: Marrow supports dynamic model routing. The live demo uses a deterministic fallback to protect API credits, while the LabLab evaluation harness can instantly route traffic to premium Fireworks LLMs by injecting API keys at runtime. Future Roadmap: We plan to scale Marrow beyond AWS by introducing multi-cloud telemetry ingestion for Azure and GCP. Future iterations will leverage AMD Instinct accelerators to train custom fine-tuned LoRA models specifically for FinOps/SecOps heuristic predictions, enabling predictive threat modeling and SOC2-compliant automated remediation pipelines deployed directly via Kubernetes. Impact & Scalability: Marrow shifts cloud monitoring from reactive to proactive AI orchestration. Running DeepSeek on AMD hardware gives us the sub-second latency required for enterprise decisions at scale.
Category tags: