What is Netway?

Netway maps your AWS network topology, detects isolation rule violations, generates compliance evidence, and detects network cost waste, all from a single Lambda that runs in your own account.

Who builds it?

Basavytix, a Bengaluru-based software company focused on AWS cost optimization tooling. We've been building cloud infrastructure tools since 2024.

What does it detect?

Topology: VPC peerings, TGW attachments, internet exposure, CIDR conflicts, isolation rule violations. Cost: S3 via NAT, cross-AZ traffic, GPU routing waste, unnecessary internet egress, and more.

How fast is setup?

Register, run one CloudFormation command, and you're done. No agents, no IAM users to create manually, no S3 buckets to configure. First findings appear within 24 hours.

How it works

1. Deploy a CloudFormation stack

One command deploys the entire Netway stack into your AWS account — a Lambda function, an S3 bucket, an Athena workgroup, and EventBridge rules.

2. VPC Flow Logs are enabled automatically

Netway enables VPC Flow Logs on the VPCs you choose and stores them in the S3 bucket it creates and manages, including automatic lifecycle cleanup.

3. Lambda scans topology and analyses traffic daily

The Netway Lambda runs every day. It maps your VPC topology (nodes, edges, subnets, compute instances), evaluates isolation rules, runs compliance detectors, analyses VPC flow logs for cost patterns, and ships results to Netway.

4. Dashboard, alerts, and compliance reports

Findings appear on your dashboard. Violations trigger Slack alerts immediately. The Compliance tab shows isolation rule status with 365-day history. A PDF compliance report for PCI-DSS and SOC2 audits can be generated in one click.

Your data never leaves your AWS account

Netway reads VPC Flow Log metadata (IP addresses, ports, byte counts) — it never sees the contents of your network traffic. Raw flow log files stay in your AWS account's S3 bucket. Only aggregated traffic summaries (grouped by resource, AZ, and destination type — no raw IP logs) are sent to the Netway API for pattern detection.

What Netway does not do

Netway does not install any agents on your EC2 instances or containers. It does not require any IAM users or long-lived access keys — it uses an IAM role scoped to read-only EC2, S3, and Athena actions. It does not access your application data, databases, or secrets. It does not make any changes to your infrastructure — it only reads and reports.

It does not access or store your application data, secrets, or raw flow log content. Only aggregated topology metadata and traffic summaries are sent to Netway.
