Knowing what is running is not the same as knowing why.

Most tools tell you what is running. The Lens holds why it is built the way it is, the decisions made at onboarding, the intent behind them and what to prioritise or ignore. It then checks every change against that, so nothing quietly drifts.

Agents analyse your AWS environment continuously and findings arrive where your engineers already work. Pull requests in GitHub, messages in Slack, checks in your CLI, context inside your IDE. Not a dashboard you have to visit.

The agents read the same operational signals base2's toolkit produces, monitoring, cost, security posture and compliance, and weigh every change against your intent, so drift surfaces as a pull request before it becomes an incident.

Your team reviews. Your team executes. We provide the analysis, the context and the intent behind it.

Talk to Us

Under the hood

Specialist agents that never stop working. They run read-only against your AWS accounts and surface what matters, every change measured against the decisions and intent captured at onboarding. No changes made to your environment without your team reviewing first.

ALERT: api-prod TLS expiry
Analysing incident...
R
Root cause: expired cert on api-prod
Recommendation: rotate and deploy
Rob
Incident intelligence. Monitors alerts, assists with root cause analysis and helps your team respond faster, posting findings into Slack and waiting for your approval before acting.
3 accounts connected
Elmer
Account access and environment discovery. Maps your AWS accounts, manages credentials and keeps the analysis connected to every environment you run.
Evidence Pack Ready
Lumbergh
Audit and compliance reporting. Generates evidence packs and compliance reports against your live infrastructure, formatted for your auditors.
$ SELECT * FROM aws_vpc WHERE region =
vpc_id cidr state
vpc-0a1b2c3d
active
vpc-4e5f6a7b
pending
vpc-8c9d0e1f
failing
Plumber
Infrastructure queries. Runs real-time checks against your AWS resources, surfaces configuration gaps and feeds findings to the other agents.
Decision
Onboarding
Single-region RDS
primary writes only
PR #847
Open
+ multi-region replica
+ cross-region read split
!
Diverges from onboarding decision
Infrastructure Drift
Cross-references every infrastructure change against the architectural decisions captured at onboarding. When AI tools or engineers introduce something that diverges from the target, you see the diff before deployment.

What you get

Pull Requests

Findings arrive as reviewed PRs in your GitHub repo. Specific changes, specific context. Review and merge.

Slack Integration

Two-way and real-time. Findings post into your channels, your team replies in thread to dig deeper and approves any action before it runs.

CLI Checks

Run the same agents against a branch, a stack or a new service before it reaches production. On-demand intelligence at deploy time.

IDE Context

Infrastructure context inside Claude Code via MCP. Your AI coding tools understand your environment, not just your code.

Pattern Analysis

What is running, why it was built that way and what should not be repeated. The operational knowledge your codebase cannot tell you.

Compliance Mapping

Findings mapped to SOC 2, ISO 27001 and PCI. Not generic alerts. Framework-specific context your team can act on.

Architecture Drift

Every infrastructure change cross-referenced against the architectural decisions made at onboarding. When AI tools or engineers drift from the target, you see it before deployment.

What is included

The Analysis

  • Continuous AWS environment scanning
  • IAM configuration and access analysis
  • Architecture drift against your decision registry
  • Architecture pattern identification
  • Cost anomaly detection and rightsizing
  • Infrastructure documentation from live resources

The Delivery

  • Findings as GitHub pull requests
  • Slack integration for your engineering channels
  • Interactive Slack approvals before any action runs
  • CLI checks before deployment
  • IDE context via Claude Code MCP
  • Prioritised findings with remediation guidance

The Context

  • Compliance framework mapping (SOC 2, ISO 27001, PCI)
  • Operational knowledge encoded into findings
  • What to ignore and what to prioritise
  • Architecture guidance and advisory
  • Roadmap reviews to ensure everything is on track

How it works

Your environment is analysed continuously. Findings arrive where your engineers work. Your team decides what to act on.

Scan

Agents read your AWS environment. What is running, how it is configured, what has changed.

Analyse

Findings prioritised by impact. Mapped to compliance frameworks. Context provided for each.

Deliver

Pull requests, Slack, CLI, IDE. Findings arrive where your engineers already work.

Advise

Our team explains the why. What to fix first, what to monitor, what patterns to break.

What our customers say

We have leaned very heavily on their expertise, both during the initial design and conception of these new systems as well as while we rolled them out into production.

Michael Jenkins Chief Architect, Emergency Management Victoria

They shared their knowledge and upskilled our own team and that of our other partners.

Srini Nori Manager, Open Universities Australia
Read case study

Working with base2Services completely changed our trajectory.

Lewis Gyson Founder, LogicSaaS
Read case study

Audited and certified

ISO 27001 Certified ISO 27001
AWS Advanced Partner AWS DevOps Competency
AWS SaaS Competency AWS SaaS Competency

See what the Lens finds in your environment.

Walk us through your AWS setup. We will show you what the first analysis covers.

Talk to Us

Case Studies

Real results from companies we work with

Rethinking recording. Taking advantage of AWS scalability and proving that the cloud can be used for real-time workloads.

Read Case Study →

Accelerating growth and innovation. A scalable, automated and AI-driven cloud platform.

Read Case Study →

Achieving PCI compliance 3x faster and saving 53% with base2Services.

Read Case Study →
See More Results

Frequently asked questions

How is this different from Platform Engineering?

Platform Engineering includes our team doing the work. Infrastructure Lens gives you the intelligence and advisory. Your team executes.

What tools do we need?

GitHub, Slack and your existing AWS account. CLI and IDE integrations are optional. No new infrastructure required.

How much does it cost?

Fixed monthly fee. Start with what matters most, add more as you grow. No hourly billing.

How quickly do findings arrive?

Agents can be running in your environment within 1 to 2 weeks. Findings start arriving immediately.

Do we need to give you access to our AWS account?

Read-only access. Fully auditable. No changes made to your environment without your team reviewing and merging.

What if we want you to do the work too?

That is Platform Engineering. Same engine, same intelligence. Our team handles the execution as well.

Not quite what you need?

Every team is different. These may fit better.

Platform Engineering DevOps as a Service Cloud Management