Private Beta

Dependabot for Cloud Waste , Governance & Security

LeftSize runs inside your GitHub workflows to detect cloud inefficiencies and risks — without storing credentials or installing agents.

Shift FinOps, Governance, and Security left — right where developers work.

15 idle VMs detected — save $2,100/month

💰 cost azure

These VMs have been idle for 14+ days. Use @leftsize explain, @leftsize howtofix, or @leftsize scripts azure-cli to get guidance.

Early access program • No credit card required

Comprehensive cloud optimization

More than just FinOps — detect cost, governance, and security issues across AWS and Azure in one place.

💰

Cost Optimization

Detect idle VMs, unattached disks, and over-provisioned resources. Save 20-35% on cloud spend without guesswork.

🏷️

Governance & Compliance

Enforce tagging policies, track ownership, and ensure compliance. Keep your cloud organized and accountable.

🔒

Security & Risk

Find open ports, unencrypted storage, and deprecated services. Reduce security risks before they become incidents.

30+ checks today, expanding weekly — covering compute, storage, containers, networking, and databases.

Cloud waste, governance, and security are broken for most teams

Existing tools fail because they're disconnected from where developers work

For Developers

  • Out-of-band emails feel punitive and interrupt workflow
  • Dashboards require context-switching
  • Unsure what's safe to change

For Platform / FinOps Teams

  • FinOps dashboards are ignored by developers
  • Security and governance reviews happen too late
  • Credential-based SaaS scanners create trust barriers

LeftSize fixes this by operating securely within your own pipelines — surfacing issues as GitHub Issues, not in yet another dashboard.

How it works

Three simple steps to start detecting cost, governance, and security issues

1

Install the GitHub App

Select which repositories to scan. No infrastructure installation required.

2

Add a workflow file

Runs LeftSize scan with your credentials (kept in GitHub Actions). Supports AWS and Azure.

3

Receive actionable GitHub Issues

Cost, governance, and security findings appear automatically in your repo with clear explanations.

Your credentials stay in your control

No credentials leave your GitHub Actions environment.

No agents or external cloud access required

Built on OIDC and short-lived tokens for AWS & Azure.

Comprehensive coverage

More than just FinOps — detect cost, governance, and security issues across your cloud

💰

Cost Optimization

  • Idle or underused resources
  • Unattached volumes and disks
  • Over-provisioned compute
  • Unused load balancers
🏷️

Governance & Compliance

  • Missing ownership tags
  • Resource naming violations
  • Policy violations
  • Non-compliant configurations
🔒

Security & Risk

  • Open ports and security groups
  • Unencrypted storage accounts
  • Deprecated services and runtimes
  • Public access misconfigurations

30+ checks today, expanding weekly — covering compute, storage, containers, networking, and databases.

Secure by default

Your credentials stay under your control — LeftSize never stores or accesses them

GitHub Actions

Your Cloud

Only findings metadata (IDs, cost data) sent to LeftSize — no credentials, no full resource data

Scans run inside your GitHub Actions

Using your own cloud credentials via OIDC or GitHub secrets.

No credential storage

LeftSize never receives, stores, or has access to your cloud credentials.

No external service installation

No agents, no external cloud access required. Just a GitHub workflow.

Built on OIDC and short-lived tokens

Supports AWS and Azure best practices for credential management.

Only lightweight metadata shared

Resource IDs, cost data, and configuration metadata — not full resource data.

Full audit visibility

You control what data leaves your environment via GitHub Actions logs.

Developer experience

See how LeftSize works in practice — with interactive commands and context-aware guidance

💰 cost

Idle Dev VMs

Issue: "15 VMs idle for 14+ days — save $2,100/month"

Commands: @leftsize explain, @leftsize howtofix

Result: Clear guidance for safe cleanup

🏷️ governance

Missing Tags

Issue: "200 resources without owner tags"

Commands: @leftsize scripts azure-cli

Result: Bulk tagging script with audit trail

🔒 security

Unencrypted Storage

Issue: "3 storage accounts without encryption"

Commands: @leftsize explain, @leftsize howtofix

Result: Step-by-step security remediation

Simple workflow setup 

name: LeftSize Scan

on:
  schedule:
    - cron: '0 9 * * *'  # Daily at 9 AM

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: leftsize/scan-action@v1
        with:
          cloud: azure
          # Credentials stay in GitHub Actions

Works entirely in GitHub — no new dashboard required

Proven impact in 90 days

Real results from teams using LeftSize

20-35%

Cloud Spend Reduction

Average savings across teams in first quarter

<1
month

Time to ROI

Savings exceed LeftSize cost within first month

95%

Faster Resolution

Issues resolved 95% faster than traditional methods

100%

Tagging Compliance

Teams reach full ownership tagging within 60 days

"LeftSize transformed how we think about cloud costs. Instead of quarterly reviews, we fix issues as they appear — right in our normal workflow."

— Engineering team using LeftSize

LeftSize is in private beta

We're onboarding early users who care about cloud efficiency and security. Be the first to simplify FinOps and governance for your developers.

Join the waitlist • We'll only contact you once for early access