Whether you’re running a FinOps team or managing your company’s cloud costs, anomaly detection is crucial. Why? It helps you enhance cost governance, reducing surprises and overruns—without slowing innovation. Creating resources in the cloud is as simple as clicking a mouse. To ensure that simplicity doesn’t introduce runaway or erroneous spend, organizations must have a way to identify and act on anomalous spend quickly.
That’s where anomaly detection comes in. It identifies, alerts, and manages unexpected or unbudgeted cloud cost and usage in a timely fashion. This is important not only for the FinOps team but also for finance, engineering, product, and executive teams, as a significant cloud cost anomaly can have a sizable impact on a business.
How Ternary Anomaly Detection saves customers money
The FinOps Foundation defines anomalies as “levels of spending that are different (usually higher) than normal historical or expected spend.” Let’s see how Ternary Anomaly Detection works to find these, saving real customers real money.
One customer, whose average monthly cloud bill is in the tens of thousands of dollars, began generating close to $1M per day in unexpected spend. The reason? Unintended duplication in BigQuery inserts, made during testing. Ternary Anomaly Detection helped the customer uncover the error before it became a bigger problem. Without Ternary, the customer would not have known about the duplication and corresponding cost increase until the end of the month—nearly three weeks later.
The following screenshot shows a similarly dramatic example of how Ternary Anomaly Detection surfaces spending spikes. This customer’s expected spend of $45 per day ballooned to over $610K. Receiving an anomaly alert about the delta, the customer took immediate action to resolve the issue.
Beyond cost savings: Anomaly detection enables planning and saves time
Most often, people associate anomaly detection with gaining visibility into their cloud costs. That’s true: It can allow teams to detect cost overruns, identify misconfigurations (as in the examples above), and spot inefficient usage patterns, as well as less obvious rightsizing opportunities. But while anomaly detection is critical for visibility, comprehensive anomaly detection brings other potential benefits. These include enabling stronger budget controls and accurate forecasts (which depend on understanding what resources are actually needed, minus any anomalous spending).
Leveraging Ternary’s machine-learning-powered Anomaly Detection brings another benefit: saved time and reduced human error. Manually reviewing cloud billing data to identify potential anomalies is not just time-consuming and potentially overwhelming; it can also be error-prone. Ternary builds powerful automation into our Anomaly Detection, helping teammates quickly find out-of-pattern spending so they spend more time innovating.
Machine strong, human smart
Ternary’s powerful machine learning (ML) models identify anomalies in record time. But the experts on Ternary’s team know that automation is only part of the solution. Human intelligence is critical in answering the questions ML raises: Who owns the investigation? What is the anomaly’s impact (or potential impact) on the business? Does the anomaly alert really represent unplanned spend, or might additional context explain it? Consider a business that fluctuates seasonally, like retail. Anomaly alerts generated on Black Friday or Cyber Monday correspond to anticipated spikes that serve the business’s long-term goals.
We can rely on software and advanced ML models to notify us of anomalous behavior. But, as the above example shows, human involvement is key to acknowledging, investigating, triaging, and resolving cost-related incidents.
Ternary Anomaly Detection fosters customization and collaboration
Most FinOps tools on the market today provide a one-size-fits-all version of anomaly detection. These tools offer little to no ability to filter, group, or enhance preconfigured anomaly alert rules.
That’s where Ternary really shines: We offer the ability to analyze the dataset by user-defined dimensions. These include service, SKU, resource tags/labels, accounts/projects/subscriptions, etc.
Alongside this customization, Ternary Case Management helps teams collaborate to resolve anomaly alerts. When Ternary generates an anomaly alert, Ternary Case Management allows teammates to create a case; generate reports, email notifications, and/or optimization recommendations; and assign colleagues to follow up. Integrating seamlessly with Jira and Slack, Ternary Case Management enables teammates to log alerts and track findings. Jira or Slack updates cross-populate in Ternary, so teammates can see the issue’s status at a glance.
Let’s explore how “Team A” can customize Ternary Anomaly Detection to stop unplanned spending in their five projects. Team A members want to receive an alert whenever any GCP/Azure/AWS service increases by 10% daily. First, they filter the dataset to target their five projects. Next, they group the data by service and add Team A members to the subscriber list:
Now, within their five projects, whenever a particular service (e.g., Amazon Elastic Compute Cloud or Relational Database Service; Azure Virtual Machines or CosmosDB; GCP Compute Engine or CloudSQL) increases by 10% on any given day, Team A members will receive notifications. This can kickstart discussion of next steps, fostering collaboration among stakeholders. By efficiently and transparently resolving the issue, teammates can get back to what they do best: innovating for future growth.
Ready to learn more?
We hope you’ve found this exploration of Ternary Anomaly Detection helpful and inspiring. To see how Ternary Anomaly Detection can work for your business, book a demo today.
