Cloud Security · FinOps · Platform Engineering

Secure your cloud.
Control your spend.

IT-RAT is a boutique cloud consultancy. We lock down enterprise identity and infrastructure, and put cloud and AI costs back under control — with architects who do this every day at NatWest, Okta and PETRONAS.

AWS Community Builder FinOps for AI Zero Trust & IAM ISO 27001 / SOC 2 / NIST aligned
- 30% cloud spend Zero Trust Cloud architect at work

Where our architects have built & secured cloud

NatWest Okta PETRONAS Maersk SimCorp 90POE Cloudstream Hive OS
The problem

Cloud got expensive and exposed at the same time.

Spend climbs faster than anyone forecast, AI workloads add a brand-new line item nobody owns, and every new service widens the attack surface. Most teams are firefighting both — without the architecture to fix the root cause.

01

The bill nobody can explain

Untagged resources, idle capacity, and AI/LLM usage with no cost ownership. Finance and engineering point at each other while the invoice grows.

02

Identity sprawl

Over-permissioned roles, standing access, and fragmented IAM across AWS, GCP, Okta and Auth0. One leaked key away from a very bad week.

03

Security bolted on too late

Audits become fire drills. Compliance (ISO 27001, SOC 2, NIST) is documented, not enforced. Pipelines ship faster than guardrails can keep up.

What we do

Two disciplines, one cloud team.

We pair deep cloud-security architecture with hands-on FinOps governance — so your platform is safe, compliant and cost-efficient by default, not by exception.

Cloud Security & IAM

Identity-first security architecture that holds up to real audits and real attackers.

  • Zero Trust & least-privilege access models
  • IAM design across AWS, GCP, Okta & Auth0
  • DevSecOps & secure CI/CD pipelines
  • Threat modelling & reference architectures
  • Compliance: ISO 27001, NIST, SOC 2, GDPR

FinOps & Cost Governance

Turn cloud spend into a managed, forecastable number that finance and engineering both trust.

  • Cost optimization: rightsizing, commitments, waste cuts
  • Tagging, allocation & chargeback that actually works
  • Anomaly detection & automated budget guardrails
  • Forecasting, dashboards & financial observability
  • Multi-cloud governance & GreenOps

Cloud & Platform Architecture

The foundation underneath both: scalable, resilient infrastructure built secure-by-default.

  • End-to-end AWS & GCP solution architecture
  • Kubernetes, GitOps & container platforms
  • Infrastructure as code with Terraform / Terragrunt
  • Migration, replatforming & data pipelines
  • "Golden paths" for secure-by-default delivery

Advisory & Architecture Reviews

A senior, independent read on where your cloud stands — and a roadmap to fix it.

  • Security & cost posture assessments
  • Multi-year cloud strategy & reference standards
  • Stakeholder alignment across eng, finance & security
  • Team enablement, mentoring & FinOps training
The new line item

FinOps for AI workloads

LLM APIs, token-based billing and cloud-native AI services are the fastest-growing — and least governed — part of the cloud bill. We bring cost visibility, allocation and guardrails to AI the same way FinOps did for compute, so you can scale models without scaling surprises.

Token
Usage attributed per team, product & model
Live
Real-time cost & anomaly visibility
Guard
Budgets & policy enforced automatically
Green
Sustainable, efficient AI at scale
Capabilities

The stack we work in every day.

Cloud & Platform

AWSGCPKubernetes TerraformTerragruntDocker ArgoCDGitOpsIstio ServerlessKafkaGo

Security & Identity

IAMOktaAuth0 Zero TrustDevSecOpsSecure CI/CD Threat ModellingAPI Security

FinOps & Cost

FinOpsFinOps for AICost Optimization Tagging & AllocationForecasting Anomaly DetectionMulti-cloudGreenOps

Governance & Compliance

ISO 27001 NIST SOC 2 GDPR
Who you work with

Senior architects. No hand-offs.

You work directly with the people who do this at enterprise scale every day — not a layer of account managers.

Yurii Kostyuk
Co-founder · Cloud Security & IAM

Yurii Kostyuk

Lead Security Architect, PETRONAS · ex-Cloud Native Architect, Okta

IAM solutions architect and cloud security consultant. Yurii defines enterprise-wide security strategy and designs secure, scalable architectures across hybrid and cloud-native environments — Zero Trust, identity, DevSecOps and platform resilience on AWS and GCP.

IAMZero TrustAWS / GCPTerraformKubernetesGo
Connect on LinkedIn
Tania Fedirko
Co-founder · FinOps & Cost Governance

Tania Fedirko

Principal FinOps Architect, NatWest Group · AWS Community Builder

FinOps expert in cloud financial governance, cost optimization and multi-cloud strategy. Tania aligns engineering, finance and business across cloud, Kubernetes and AI workloads — applying FinOps best practices to LLM APIs and token-based usage while keeping things sustainable and scalable.

FinOpsFinOps for AICost GovernanceMulti-cloudGreenOpsAWS
Connect on LinkedIn
How we engage

Lightweight to start. Senior throughout.

Assess

A focused review of your cloud security posture and cost structure. You get a clear, prioritized picture of risk and waste — usually within weeks.

Architect

We design the target state: identity model, guardrails, FinOps operating model and reference architectures — mapped to your compliance obligations.

Embed

We implement alongside your team, automate the guardrails, and hand over with the standards and training that keep it secure and efficient long after.

Get started

Let's make your cloud safer and cheaper.

Tell us where it hurts — runaway spend, a looming audit, an identity mess, or all three. We'll come back with a concrete first step.

We reply within two business days.