FinOps that pays for itself. Success fee only.

Two months of verified savings, confirmed against your own billing data. No upfront cost. No retainer. Everything up to that point is on us.

Book a Call
Cloud spend
Koritsu fee
Savings retained
£0k £20k £40k £60k £80k £100k £120k M1 M2 M3 M4 M5 M6 M7 M8 M9 M10 M11 M12

How it works.

Four steps. Most engagements start with a quote. This one starts with a report.

01

Onboarding and scope

We meet your team, walk the environment, and agree what is in scope. This is also where we set the exclusion list. Every environment has accounts that should sit outside the analysis. Legacy, mid-migration, sandbox. We set those aside before anything is counted. Then we connect the platform.

02

Savings Opportunity Report generation

Around three days across your billing and service data. Kori does the heavy lifting, our experts read the results. Expect a few questions about your services along the way, so we map spend to how the business actually uses it. The output is your Savings Opportunity Report.

03

Report and sign-off

We walk your team through the findings. Each opportunity, the cause behind it, and a conservative estimate, with the reasoning shown. Opportunities are prioritised by effort against return, so the quick wins and the bigger structural pieces are easy to tell apart. You decide what is worth acting on. Nothing proceeds without your approval.

04

Execution and verification

Your team owns the changes. We stay alongside them rather than handing over a list and walking off. We join the approval meetings, write the extra documentation where it helps, and support your engineers through the rollout. Everything goes in through your own review and release process. Savings are then confirmed against actual billing over the following months. Not projected. The number you pay against is the number on your invoice.

Success fee only.

Two months of verified realised savings. Confirmed against your billing data, not a projection. If we find nothing worth acting on, there is nothing to pay.

No budget approval to write. No business case to defend. No risk of paying for a slide deck. Our incentive only pays out when yours does.

Recommendation example

checkout-vm1 is an m6i.2xlarge (8 vCPU, 32 GB). CPU has stayed below 20 percent for the last month. Recommendation: move to m6i.xlarge as a first step.

m6i.2xlarge
m6i.xlarge
Koritsu fee
Savings retained
$0 $150 $300 $450 $600 M1 M2 M3 M4 M5 M6 M7 M8 M9 M10 M11 M12

Three months of Premium FinOps. On us.

The full Koritsu platform

Cost visibility, dashboards, and spend alerts across every account. It arrives set up, with cost allocation tagging and reporting built to a common standard, so it holds as you grow. The full platform, the same one customers pay for, not a trial slice.

FinOps as a service

The Koritsu team alongside the platform. We run the reporting, help you put cost governance in place, and bring the anomalies that matter to your attention rather than leaving you to find them. The people layer, not just the tool.

Kori, the AI FinOps agent

Ask cost questions in plain language and get answers grounded in your own billing and service data. Kori watches continuously, so the next anomaly surfaces in days with the likely cause attached, not at the next quarterly review.

Read-only. Infrastructure and billing only. Nothing proprietary.

Cloud cost analysis does not need your code, your data, or your secrets. So we do not ask for them.

What we access.

Read-only visibility into infrastructure and billing. The metadata that describes how resources are configured and what they cost. Nothing more.

What we never touch.

Your application data. Your databases. Your source code. Your customer records. None of it is in scope, and the access we use cannot reach it. The analysis works entirely from configuration and billing signals.

Security is the founder's background, not an afterthought.

Koritsu is led by an engineer who has spent a career inside environments where security is not optional. Background includes Moody's Analytics and FTSE 100 financial services, building under the controls those environments demand. Holds Stanford's Software Security Foundations certification. The access model reflects that. Least-privilege by default, read-only by design.

An independent security layer.

We run Aikido as our security provider for SAST, DAST, and continuous environment monitoring. Our own platform is held to the same standard we would expect of anyone we gave access to. SOC 2 in progress.

When the work is done, you choose how to continue.

The engagement finds and realises the savings. What keeps them from creeping back is the part most reviews skip. The 3 months of platform access run alongside the work from day one. When the cycles complete, you decide how to proceed. Three options, no default, no pressure.

Option 1

Continue with the Koritsu FinOps team.

We stay on as an extension of your team, with ongoing governance. New inefficiency gets caught and addressed before it compounds.

Best fit: Cost is a standing concern and you would rather not build the function in-house.

Option 2

Keep the platform only.

Retain Kori. Your team takes over execution, the platform does the heavy lifting. Anomaly detection, reporting, and dashboards stay live.

Best fit: You have the engineering capacity and want the visibility without the retainer.

Option 3

End whenever you want.

No lock-in. No penalty. Every saving realised during the engagement stays with you. The tagging, cost allocation, and dashboards we set up remain in place.

Best fit: You wanted the savings, you got them, and the function is now something your team can run on its own.

Pick the next step that fits where you are.

Book a discovery call.

A 30-minute technical conversation. We look at the shape of your environment, agree the exclusion list, and tell you whether there is opportunity worth pursuing. No obligation to proceed.

Book a discovery call →

See the findings format.

Walk through an anonymised engagement end-to-end. The architectural root cause, not just the dollar number. Useful if you want to see the depth before a conversation.

View a worked example →

Start with the structure.

Not ready to talk. Our Cloud Organisation Guide covers the structural thinking. Free, no access required.

Get the guide →

The questions that come up most.

Most of it never needs the code. The billing and infrastructure data already show the shape of the problem. A resource running more than it needs to, a database where storage dwarfs compute, traffic that points to a missing cache. The cause is usually visible in those signals long before anyone opens a file.

Where a finding genuinely points into the code or a query, we say so and ask first. Nothing at that level happens without your approval, and most engagements never get there.

Two ways it matters, and we account for both.

In the analysis, we size to the workload's real pattern, not a quiet week. Rightsizing reads the peaks as well as the troughs, so nothing is tuned for a lull and then strained at the next peak.

In the verification, seasonality is part of why savings are measured against your billing rather than a projection. We compare like for like and separate a genuine saving from a shift in demand. If spend falls because a change we made took effect, it counts. If it falls because it was a quiet month, it does not.

Yes, and we would expect to. Every environment has accounts that should sit outside the analysis. Legacy, mid-migration, sandbox.

We agree the exclusion list with you in the first call, before anything is counted. Those accounts are excluded from the analysis and from the savings figure, so a migration winding down on its own is never mistaken for a saving you pay against.