Rewind is like a time machine that allows you to see what your cloud environment looked like hours, weeks, months, or even years ago.
As cloud infrastructures grow and evolve, it can be challenging to keep track of their changing state. Whether it's to meet compliance requirements, conduct audits, perform capacity forecasting, or forensic investigation—understanding the history of your cloud environment is crucial.
Rewind doesn't just give you a log of events/changes or time series data, but offers detailed snapshots of your entire cloud environment.
Why Resoto Rewind?
If you've ever implemented new policies or made substantial changes to your cloud setup, you know how important it is to gauge the impact of these changes.
For example, if you've just introduced a new tagging policy, you can use Rewind to compare the state of your tag policy compliance today versus a month ago.
Imagine facing a security breach or a hacking event.
According to the latest Mandiant® M-Trends® report, the median dwell time (time from the start of a cyber intrusion to its detection) can range from few days to as high as several months. This means an attacker may have had access to your systems for a considerable amount of time before the breach was even detected.
Investigating such incidents requires a deep dive into the state of your cloud infrastructure around the time of the incident.
Rewind can be an invaluable tool for forensic analysis, allowing you to understand exactly how your security groups, user accounts and access policies looked at the time of the breach, aiding in identifying potential vulnerabilities that were exploited.
Rewind is also great for capacity forecasting.
By examining the evolution of your cloud infrastructure over time, you can better understand how your infrastructure is growing and plan for future capacity needs and reserved instance purchases.
Using Resoto Rewind
Resoto automatically finds the snapshot closest to the specified time and uses it to perform the search.
Rewind can create automated snapshots of your infrastructure on a schedule that you define. Set up hourly, daily, weekly, monthly, or yearly snapshots, and retain them for as long as you need.
The default schedule keeps 24 hourly, 7 daily, 4 weekly, 12 monthly, and 10 yearly snapshots.
You can edit the snapshot schedules to add custom labels (e.g., "biweekly") and tailor the snapshot schedule to your needs.
The system automatically manages these snapshots, creating new snapshots according to the schedule and deleting the oldest snapshots when the number exceeds the defined limit.
Asset Inventory Graph Export and Import
You can then import it back into the system, archive it, or import into another Resoto instance—your data is always accessible and portable.
A Look into the Future
Resoto Rewind is not just about looking into the past; it's also about preparing for the future.
By examining the state of your cloud infrastructure at different points in time, you can make more informed decisions about capacity planning, identify potential issues before they become major problems, and better understand the impact of the changes you make.
One use case on our roadmap is the ability to use Rewind to predict the future state of your cloud infrastructure.
By analyzing the evolution of your infrastructure, Rewind will be able to predict how your cloud environment will look in the future, empowering you to plan for capacity, budget, and other factors with greater accuracy.