Architecture
How Ira Works
Ira doesn’t wait for a breach alert. It watches all five AWS control layers simultaneously — and the moment signals from more than one layer point at the same target, the correlation engine scores the alignment and hands your team a ranked response.
What your team experiences
The view from the security desk
01
Signal fires. Ira starts correlating.
When GuardDuty fires, a Config rule flags, or a CloudTrail anomaly appears, Ira begins watching all five control layers for matching signals — automatically, before any analyst has opened a ticket.
02
Gaps align. Your team is told.
Within minutes, your team receives a scored gap alignment report: which controls flagged, which resources are exposed, how serious the alignment is, and what to do about it. You decide. Ira waits.
03
Every alignment logged. Always.
Every correlation Ira runs is stored in your account — signals ingested, gaps identified, scores calculated, recommendations generated. Queryable, exportable, and board-ready without additional configuration.
Architecture Overview
System architecture
Example Scenario
Gap alignment in practice — a walkthrough
This is what the Swiss cheese model looks like in a real AWS environment. Four independent control layers each had a gap. None of them could see the others. When their gaps aligned, the path was open. Here’s how Ira detected the alignment before the damage compounded.
-
Gap 1: GuardDuty flags an external credential use
EventBridge routes the GuardDuty finding to the Step Functions orchestrator. The finding includes the affected IAM principal, the external IP, and the GuardDuty confidence score (HIGH).
-
Ira begins correlating all five layers
The orchestrator initiates parallel execution of the CloudTrail Agent and VPC Flow Agent, scoped to the affected principal and instance respectively. The Config Agent is also initiated to assess the affected IAM role and instance profile.
-
Gap 2: CloudTrail shows the role was never used this way before
CloudTrail shows the IAM user assumed OrganizationAccountAccessRole from a Tor exit node IP — a role it has never assumed before. Two sensitive API calls (DescribeInstances, ListBuckets) followed immediately. The agent returns three correlated signals with HIGH severity.
-
Gap 3: VPC Flow shows data leaving the environment
VPC Flow shows 2GB of outbound traffic from the affected EC2 instance to the same external IP over 5 minutes, on port 443. No matching inbound session exists. The agent flags this as a potential data exfiltration pathway.
-
Gap 4: Config shows the role gained AdminAccess 6 hours prior — unreviewed
AWS Config history shows a managed policy was attached to the affected instance role 6 hours prior — AdministratorAccess. This drift event was not reviewed. Config Agent classifies this as HIGH severity drift.
-
Four gaps. One alignment. Score: 94 CRITICAL.
All sub-agent results converge. Composite risk score: 94 (CRITICAL). Two containment recommendations are generated: (1) Revoke active IAM session for the affected user — risk reduction 87. (2) Detach AdministratorAccess policy from the instance role — risk reduction 72. Both are presented to the operator for approval.
Deployment
Single-tenant, AWS-native, Terraform-provisioned
Your account, your data
Ira deploys entirely within your AWS account. There is no shared data plane, no multi-tenant backend, and no call home. Your telemetry never leaves your account boundary.
IAM-scoped read access
The system uses IAM roles with read-only access scoped to the telemetry sources it analyses. It does not require write access to your environment to generate recommendations.
Terraform-provisioned
The complete infrastructure stack — Lambda functions, Step Functions orchestrator, EventBridge rules, DynamoDB state store — is provisioned via Terraform. Reproducible from a fresh account.
No internet egress required
All API calls are to AWS service endpoints within the same account. VPC endpoints are used where available. No data is transmitted to external services during analysis.
Design Principles
Why Ira is designed to never act alone
The core constraint of Ira's design is this: the agent never takes external actions. Every containment action is presented as a recommendation — a structured, ranked, human-readable output — and requires explicit operator approval before anything in your environment changes.
This is not a limitation of the technology. It is the design. A security system that acts autonomously introduces a new attack surface: the system itself. If an adversary can trigger the agent into taking a containment action, they can use that action as a weapon. Human-in-the-loop is the right architecture for this domain.
The audit trail is equally important. Every analysis Ira runs produces a complete, queryable log: the signals it ingested, the scores it calculated, the recommendations it generated, and — after operator approval — the actions taken. That record exists regardless of whether a recommendation is accepted or rejected.