One platform. Object-level insight across your entire AWS data layer , from Iceberg tables to media pipelines to EOL SDK detection.
reCost reads your S3 inventory and access logs to reconstruct the full health picture of every Iceberg, Delta, and Hudi table , snapshot count, orphaned files, manifest bloat, small file accumulation, cold partitions , without needing access to your catalog or compute.
"We found 15.6 TB of orphaned files on a single Iceberg table. The table had 42,015 snapshots with no expiry policy."
Pipelines leave footprints in S3. When a Spark job stops writing, when a Glue job goes silent, when a streaming checkpoint stops advancing , reCost detects it from access log patterns, without any integration into your orchestration layer.
"A Go service was making 16.6M failed S3 requests per month , 96% error rate. Nobody had noticed. We found it from user agent analysis."
Every Athena query, every Trino scan, every Databricks read leaves a trace in your S3 access logs. reCost reconstructs query behavior , which tables are hot, which partitions are cold, how much stale metadata is being read on every plan , without any query engine integration.
"64% of all snapshot GETs were on files older than 90 days. Every query was loading ancient snapshot chains just to find current data."
S3 access logs contain the full identity of every request , IAM role, SDK version, user agent, source IP. reCost cross-references this against known EOL runtimes and CVEs to surface production security risks that build-time scanners like Snyk will never see.
"nodejs10.x Lambda , EOL since 2021 , still making requests to production S3. Three years past end of support, actively hitting a sensitive bucket."
reCost builds a complete map of data movement in your AWS environment , which IAM roles access which buckets, which prefixes, which operations, and how much. The Sankey diagram makes invisible data flows visible at a glance.
"Three IAM roles were crossing production bucket boundaries. None of them were supposed to have access. Found within the first scan."
CloudWatch shows you bucket size. reCost shows you which tables are growing, which prefixes are cold, which storage classes your data is actually in, and what's costing you money at the object level.
"12 TB in Standard storage tier with zero GETs in 180 days. Moving to Glacier saved $1,400/month. Identified in under 10 minutes."
If your S3 serves media through CloudFront, reCost gives you visibility that CloudFront logs alone can't provide , which originals are hot, which resized variants are being served, which files have never been accessed, and where your CDN is passing requests through to S3 vs serving from cache.
"68% of CloudFront origin requests were for image variants that hadn't been accessed in 90+ days. Cache warming the wrong assets."
Works with your existing AWS setup. Read-only access. No agents. No data exposure.
Book a Demo