![\"amazee.io](\"https://images.prismic.io/amazeeio/aibWaAeQX7-eW9_M_Multi-Region-Failover.jpg?auto=format,compress\")
\n The core difference lies in the blast radius protection and the underlying infrastructure independence:
In an active-passive architecture, the recovery guardrails are defined by the frequency of data synchronization and the speed of network routing:
While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise all regions under a single hyperscaler.
A cross-cloud failover strategy (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating Cloud Concentration Risk and ensuring your platform stays online even during a global, provider-wide outage.
","raw":[{"type":"paragraph","text":"While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise all regions under a single hyperscaler.","spans":[{"start":315,"end":318,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"A cross-cloud failover strategy (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating Cloud Concentration Risk and ensuring your platform stays online even during a global, provider-wide outage.","spans":[{"start":2,"end":31,"type":"strong"},{"start":124,"end":148,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise all regions under a single hyperscaler. A cross-cloud failover strategy (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating Cloud Concentration Risk and ensuring your platform stays online even during a global, provider-wide outage. "}},{"faq_heading":"Why is the failback process to the primary cloud region handled manually instead of automatically?","faq_copy":{"html":"While failing over to a standby region is automated to reduce downtime (RTO), failing back to the primary region should always be a controlled, manual step in your Business Continuity Plan (BCP).
A manual rollback is critical for three reasons:
Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of $2 million per hour.
When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust.
","raw":[{"type":"paragraph","text":"Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of $2 million per hour.","spans":[{"start":232,"end":251,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust.","spans":[],"direction":"ltr"}],"text":"Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of $2 million per hour. When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust."}}]},"body":[{"id":"e6b738a6-6c9c-554c-8b04-f213630f0c1c","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n \n
\n ![\"Multi-Region](\"https://images.prismic.io/amazeeio/aibc1weQX7-eW-Kk_Multi-RegionFailoverExplained3.gif?auto=format,compress\")
\n
If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage, missed deadlines, and a backlog of work that competes with everything else you planned to ship.
","raw":[{"type":"paragraph","text":"If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage, missed deadlines, and a backlog of work that competes with everything else you planned to ship.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage, missed deadlines, and a backlog of work that competes with everything else you planned to ship. "}}},{"id":"86a0b72a-6c2a-513c-a3f0-432a7703ee88","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues.
","raw":[{"type":"heading2","text":"Why Website Outages Happen","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Website Outages Happen Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues. "}}},{"id":"2ed46822-3fde-5440-be36-800caf0cd055","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected.
","raw":[{"type":"heading3","text":"Why Resilience Planning Matters","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Resilience Planning Matters Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected. "}}},{"id":"a167a0fc-6ca0-526f-9bc2-0e4b3b60db8c","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere.
At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable.
","raw":[{"type":"heading2","text":"Multi-Region Failover: Continuity When a Whole Region is at Risk","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Region Failover: Continuity When a Whole Region is at Risk Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere. At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable. "}}},{"id":"72aba751-e43a-5499-8704-695476701d07","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics:
","raw":[{"type":"heading3","text":"The Tradeoff: Availability vs. Data Currency (RPO vs. RTO)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Tradeoff: Availability vs. Data Currency (RPO vs. RTO) Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics: "}}},{"id":"faffed7e-2730-5f1b-8a59-9ff999e99e78","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties.
","raw":[{"type":"paragraph","text":"For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties. "}}},{"id":"8bb80ca3-9cbe-5709-9944-5c34619f7e58","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint.
If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity.
","raw":[{"type":"heading3","text":"Multi-Zone vs Multi-Region","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Zone vs Multi-Region Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint. If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity. "}}},{"id":"c087490e-9463-539b-8435-53c6e298db30","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<table class="tg"> <thead> <tr> <th class="tg-0pky"><span style="font-weight:bold">Capability</span></th> <th class="tg-0pky"><span style="font-weight:bold">Multi-Zone Resilience (Baseline HA)</span></th> <th class="tg-0pky"><span style="font-weight:bold">Multi-Region Failover (Disaster Recovery)</span></th> </tr> </thead> <tbody> <tr> <td class="tg-0pky"><span style="font-weight:bold">Blast Radius Protection</span></td> <td class="tg-0pky">Localized data center failure (Single AZ)</td> <td class="tg-0pky">Complete regional collapse or provider outage</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Geographic Separation</span></td> <td class="tg-0pky">Minimal (Typically within the same metropolitan area)</td> <td class="tg-0pky">High (Hundreds or thousands of miles apart)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Infrastructure Footprint</span></td> <td class="tg-0pky">Shared regional control planes and network backbones</td> <td class="tg-0pky">Completely separate regional infrastructure / Cross-Cloud</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Cost & Complexity</span></td> <td class="tg-0pky">Low (Typically built into modern container platforms)</td> <td class="tg-0pky">Higher (Requires data synchronization & edge routing)</td> </tr> </tbody> </table>
","raw":[{"type":"paragraph","text":"| Capability | Multi-Zone Resilience (Baseline HA) | Multi-Region Failover (Disaster Recovery) |
|---|---|---|
| Blast Radius Protection | Localized data center failure (Single AZ) | Complete regional collapse or provider outage |
| Geographic Separation | Minimal (Typically within the same metropolitan area) | High (Hundreds or thousands of miles apart) |
| Infrastructure Footprint | Shared regional control planes and network backbones | Completely separate regional infrastructure / Cross-Cloud |
| Cost & Complexity | Low (Typically built into modern container platforms) | Higher (Requires data synchronization & edge routing) |
| Capability | Multi-Zone Resilience (Baseline HA) | Multi-Region Failover (Disaster Recovery) |
|---|---|---|
| Blast Radius Protection | Localized data center failure (Single AZ) | Complete regional collapse or provider outage |
| Geographic Separation | Minimal (Typically within the same metropolitan area) | High (Hundreds or thousands of miles apart) |
| Infrastructure Footprint | Shared regional control planes and network backbones | Completely separate regional infrastructure / Cross-Cloud |
| Cost & Complexity | Low (Typically built into modern container platforms) | Higher (Requires data synchronization & edge routing) |
That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone.
We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions.
","raw":[{"type":"paragraph","text":"That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone. We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions. "}}},{"id":"225fd278-c5e6-56d6-9f1f-87fadf0e5fed","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live.
What you get:
","raw":[{"type":"heading3","text":"Built-In Resilience: Multi-Zone Failover by Default","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"What you get:","spans":[],"direction":"ltr"}],"text":"Built-In Resilience: Multi-Zone Failover by Default Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live. What you get:"}}},{"id":"0b7f1c81-34ff-51ab-9ea9-1ce45a5a4166","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"We offer multi-region failover as an advanced add-on, enabling:
","raw":[{"type":"heading3","text":"Multi-Region Failover with amazee.io: Continuity Beyond One Region","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We offer multi-region failover as an advanced add-on, enabling:","spans":[],"direction":"ltr"}],"text":"Multi-Region Failover with amazee.io: Continuity Beyond One Region We offer multi-region failover as an advanced add-on, enabling:"}}},{"id":"c3d5cf13-ea28-5108-b58b-5351d6d50268","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery.
Data shows that the financial impact of outages is significant and growing. According to New Relic’s 2025 Observability Forecast, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity.
Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute.
","raw":[{"type":"paragraph","text":"Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Data shows that the financial impact of outages is significant and growing. According to New Relic’s 2025 Observability Forecast, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity.","spans":[{"start":89,"end":128,"type":"hyperlink","data":{"link_type":"Web","url":"https://newrelic.com/press-release/20250917","target":"_blank"}},{"start":89,"end":128,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery. Data shows that the financial impact of outages is significant and growing. According to New Relic’s 2025 Observability Forecast, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity. Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute. "}}},{"id":"51ee2d06-e9a9-5ab8-ae88-fb919a2b96d6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"The financial impact of downtime is only part of the picture. Organizations also face:
","raw":[{"type":"heading3","text":"The Costs Go Beyond Revenue","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The financial impact of downtime is only part of the picture. Organizations also face:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Costs Go Beyond Revenue The financial impact of downtime is only part of the picture. Organizations also face: "}}},{"id":"435e12e6-b8f8-582b-ba01-907463cce7c7","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself.
","raw":[{"type":"paragraph","text":"As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself. "}}},{"id":"6bf17731-1016-5dcc-8a86-1e6098450890","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur.
","raw":[{"type":"heading3","text":"Why Multi-Region Failover Is a Business Decision","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Multi-Region Failover Is a Business Decision This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur. "}}},{"id":"9d08ba25-b966-5715-ad37-9ce475093cb2","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"What's one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it's worth evaluating your recovery strategy before the next incident occurs.
Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions.
","raw":[{"type":"paragraph","text":"What's one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it's worth evaluating your recovery strategy before the next incident occurs.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Talk to our Experts","spans":[{"start":0,"end":19,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/get-in-touch","target":"_blank"}},{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What's one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it's worth evaluating your recovery strategy before the next incident occurs. Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions. Talk to our Experts "}}},{"id":"9c510c70-a6e4-55ee-88ae-ef2057e86594","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"👓 Fault-Tolerant Enterprise Hosting
👓 Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks
","raw":[{"type":"heading2","text":"Additional Resources","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 Fault-Tolerant Enterprise Hosting","spans":[{"start":3,"end":36,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting","target":"_blank"}},{"start":3,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"👓 Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks","spans":[{"start":3,"end":100,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fully-managed-secured-data-hosting-service","target":"_blank"}},{"start":3,"end":100,"type":"strong"}],"direction":"ltr"}],"text":"Additional Resources 👓 Fault-Tolerant Enterprise Hosting 👓 Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"}}}],"summary":"Website outages cost a median of $2M per hour. Discover how our multi-region failover delivers an automated 15-minute RPO across AWS, GCP, and Azure","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/aibWaAeQX7-eW9_M_Multi-Region-Failover.jpg?auto=format%2Ccompress"}]},"suggestedPosts":[{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Experience Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9 – the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020 – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"dependency-track-software-supply-chain-security","data":{"title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security","meta_title":"Managed Dependency-Track: Supply Chain Security in 2026","posted_on":"May 20, 2026","author_name":"Bree Benesh","author_image":"https://images.prismic.io/amazeeio/148378f3-3cfd-4007-bea3-c3d4126dd6d8_Bree.jpg?auto=compress%2Cformat","read_time":8,"tag":"Knowledge Base","faq":{"heading":"Frequently Asked Questions","faq_items":[{"faq_heading":"What is the core purpose of a software bill of materials (SBOM) management system?","faq_copy":{"html":"The core purpose of an SBOM management system (such as Dependency-Track) is to serve as a centralized, continuous inventory and vulnerability-matching engine for an organization’s entire software portfolio. Unlike standard, isolated security scanners that look at individual code repositories one by one, an SBOM management system provides fleet-wide visibility by:
Getting started with open source SBOM tooling requires a simple three-step approach: generation and management.
Choose a Generation Tool: Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json > sbom.local-container-name.json`).
Standardize the Format: Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly.
Select a Management Layer: For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously.
","raw":[{"type":"paragraph","text":"Getting started with open source SBOM tooling requires a simple three-step approach: generation and management.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Choose a Generation Tool: Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json > sbom.local-container-name.json`).","spans":[{"start":0,"end":25,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Standardize the Format: Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly.","spans":[{"start":0,"end":23,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Select a Management Layer: For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously.","spans":[{"start":0,"end":26,"type":"strong"}],"direction":"ltr"}],"text":"Getting started with open source SBOM tooling requires a simple three-step approach: generation and management. Choose a Generation Tool: Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json > sbom.local-container-name.json`). Standardize the Format: Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly. Select a Management Layer: For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously."}},{"faq_heading":"How do you set up a dependency tracking tool for open-source components?","faq_copy":{"html":"Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:
The Hosting Environment: Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.
The Intelligence Pipeline: Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).
The Day-Two Operational Routine: To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out.
","raw":[{"type":"paragraph","text":"Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:\n","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The Hosting Environment: Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.\n","spans":[{"start":0,"end":24,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The Intelligence Pipeline: Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).\n","spans":[{"start":0,"end":26,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The Day-Two Operational Routine: To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out.","spans":[{"start":0,"end":32,"type":"strong"}],"direction":"ltr"}],"text":"Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:\n The Hosting Environment: Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.\n The Intelligence Pipeline: Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).\n The Day-Two Operational Routine: To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out."}},{"faq_heading":"What are the best practices for integrating a dependency vulnerability tracker into development workflows?","faq_copy":{"html":"To make a dependency vulnerability tracker operationally effective without disrupting software delivery teams, follow these industry best practices:
Dependency-Track bypasses the "NVD Gap", the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation.
Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including:
This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process.
","raw":[{"type":"paragraph","text":"Dependency-Track bypasses the \"NVD Gap\", the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including:","spans":[],"direction":"ltr"},{"type":"list-item","text":"GitHub Advisory Database","spans":[],"direction":"ltr"},{"type":"list-item","text":"OSV (Open Source Vulnerability data)","spans":[],"direction":"ltr"},{"type":"list-item","text":"Snyk","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process.","spans":[],"direction":"ltr"}],"text":"Dependency-Track bypasses the \"NVD Gap\", the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation. Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including: GitHub Advisory Database OSV (Open Source Vulnerability data) Snyk This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process."}},{"faq_heading":"What is the operational difference between CVSS, EPSS, and VEX in vulnerability triage?","faq_copy":{"html":"To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats:
Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX).
","raw":[{"type":"paragraph","text":"To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats:","spans":[],"direction":"ltr"},{"type":"list-item","text":"CVSS (Common Vulnerability Scoring System): Measures the theoretical severity and potential impact of a vulnerability if fully exploited.","spans":[{"start":0,"end":42,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"EPSS (Exploit Prediction Scoring System): Measures the real-world likelihood that a vulnerability will actually be exploited in the wild, helping teams prioritize their actual backlogs.","spans":[{"start":0,"end":40,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"VEX (Vulnerability Exploitability eXchange): A documentation standard that allows your team to declare a vulnerability as non-exploitable because the underlying vulnerable code path is not reachable within your specific application context.","spans":[{"start":0,"end":43,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX).","spans":[],"direction":"ltr"}],"text":"To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats: CVSS (Common Vulnerability Scoring System): Measures the theoretical severity and potential impact of a vulnerability if fully exploited. EPSS (Exploit Prediction Scoring System): Measures the real-world likelihood that a vulnerability will actually be exploited in the wild, helping teams prioritize their actual backlogs. VEX (Vulnerability Exploitability eXchange): A documentation standard that allows your team to declare a vulnerability as non-exploitable because the underlying vulnerable code path is not reachable within your specific application context. Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX)."}},{"faq_heading":"How does Managed Dependency-Track safeguard data sovereignty compared to commercial SaaS tools?","faq_copy":{"html":"Commercial SaaS security tools operate as a "black box," meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor's multi-tenant public cloud footprint.
With amazee.io’s Managed Dependency-Track, your data security follows a strict "your data is your data" philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP).
It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database.
It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001.
","raw":[{"type":"paragraph","text":"Commercial SaaS security tools operate as a \"black box,\" meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor's multi-tenant public cloud footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"With amazee.io’s Managed Dependency-Track, your data security follows a strict \"your data is your data\" philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP).","spans":[],"direction":"ltr"},{"type":"paragraph","text":"It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001.","spans":[],"direction":"ltr"}],"text":"Commercial SaaS security tools operate as a \"black box,\" meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor's multi-tenant public cloud footprint. With amazee.io’s Managed Dependency-Track, your data security follows a strict \"your data is your data\" philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP). It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database. It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001."}},{"faq_heading":"Will continuous SBOM generation and ingestion slow down our CI/CD pipelines?","faq_copy":{"html":"No. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background "Insights gathering" step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable.
","raw":[{"type":"paragraph","text":"No. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background \"Insights gathering\" step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable.","spans":[{"start":0,"end":2,"type":"strong"}],"direction":"ltr"}],"text":"No. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background \"Insights gathering\" step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable."}}]},"body":[{"id":"4f2e8654-5317-59e4-af5e-5254f9fa29ba","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/agyGcqYofJOwHYho_amazee-io-managed-dependency-track-supply-chain-security-guide.png?auto=format,compress\")
\n
Put plainly by our Head of Product, Lauren Morris, in our recent webinar on Dependency-Track: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you're putting in your body.”
Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential.
The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves.
","raw":[{"type":"heading2","text":"Introduction: The “Fritos” Problem of Modern Software","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Put plainly by our Head of Product, Lauren Morris, in our recent webinar on Dependency-Track: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you're putting in your body.”","spans":[{"start":65,"end":92,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track","target":"_blank"}},{"start":65,"end":92,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Introduction: The “Fritos” Problem of Modern Software Put plainly by our Head of Product, Lauren Morris, in our recent webinar on Dependency-Track: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you're putting in your body.” Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential. The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves. "}}},{"id":"9ac96af8-5de6-5c95-9206-41ac7cb8d914","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool.
That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise.
","raw":[{"type":"heading2","text":"What is Dependency-Track?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"Defining the Tool","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What is Dependency-Track? Defining the Tool Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool. That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise. "}}},{"id":"15be09f7-9183-5820-b1cb-73b9d73698ac","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos.
","raw":[{"type":"heading3","text":"OWASP Origins","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"OWASP Origins Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos. "}}},{"id":"a93e90ee-ed99-5d12-abd9-90a62dbf5b6d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"SBOMs are inventories of the contents of your software artifact. They can describe application dependencies, OS packages, and deeper layers of container images.
SBOMs become far more valuable when they’re generated automatically and ingested continuously, because security depends on both what you run and what the world discovers about what you run.
In practice, SBOMs help you answer:
The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers.
The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable.
","raw":[{"type":"heading2","text":"Solving the “NVD Gap”: Intelligence Beyond the Database","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"The National Vulnerability Database (NVD) Crisis","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Solving the “NVD Gap”: Intelligence Beyond the Database The National Vulnerability Database (NVD) Crisis The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers. The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable. "}}},{"id":"7b202666-853a-5535-bffb-076e5368be3d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk.
The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents.
","raw":[{"type":"heading3","text":"Multi-Source Intelligence Aggregation","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Source Intelligence Aggregation To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk. The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents. "}}},{"id":"903e934c-6a55-5a20-a644-939f72029da9","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Aggregation matters most during fast-moving zero-day events. In our aforementioned webinar, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent Next.js RCE issue, in which bots began scanning the internet within hours of the disclosure.
The 2024 XZ Utils backdoor incident showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure.
But visibility only matters if inventory stays current, which is where automated ingestion becomes critical.
","raw":[{"type":"heading3","text":"Why Aggregation Matters for Zero-Day Threats","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Aggregation matters most during fast-moving zero-day events. In our aforementioned webinar, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent Next.js RCE issue, in which bots began scanning the internet within hours of the disclosure.","spans":[{"start":83,"end":90,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track","target":"_blank"}},{"start":83,"end":90,"type":"strong"},{"start":161,"end":179,"type":"hyperlink","data":{"link_type":"Web","url":"https://nextjs.org/blog/CVE-2025-66478","target":"_blank"}},{"start":161,"end":178,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The 2024 XZ Utils backdoor incident showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure.","spans":[{"start":9,"end":35,"type":"hyperlink","data":{"link_type":"Web","url":"https://en.wikipedia.org/wiki/XZ_Utils_backdoor","target":"_blank"}},{"start":9,"end":35,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"But visibility only matters if inventory stays current, which is where automated ingestion becomes critical.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Aggregation Matters for Zero-Day Threats Aggregation matters most during fast-moving zero-day events. In our aforementioned webinar, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent Next.js RCE issue, in which bots began scanning the internet within hours of the disclosure. The 2024 XZ Utils backdoor incident showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure. But visibility only matters if inventory stays current, which is where automated ingestion becomes critical. "}}},{"id":"299828f9-1a6c-5c3d-9e88-60eef8e43781","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics.
","raw":[{"type":"heading2","text":"Continuous Ingestion: Where Dependency-Track becomes Operational","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Continuous Ingestion: Where Dependency-Track becomes Operational Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics. "}}},{"id":"e55f7de7-07a3-595e-b3d8-26a90d96a23e","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads.
SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility.
Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory.
","raw":[{"type":"heading3","text":"CI/CD Integration Patterns (High-Level)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"CI/CD Integration Patterns (High-Level) At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads. SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility. Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory. "}}},{"id":"041de476-8dc5-5c98-b99e-7535e03466ca","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Alert fatigue kills programs. Dependency-Track’s risk score is useful, but it should guide research and not trigger panic by itself. The goal of triage is to quickly separate “interesting” from “urgent,” and to document decisions so teams don’t re-litigate the same findings every time a scanner refreshes.
Two concepts help teams focus on what matters:
VEX lets you document non-exploitability when a vulnerable library exists, but the vulnerable code path is not reachable in your context. It’s how you turn “this shows up in the SBOM” into a defensible decision: present, but not exploitable here.
EPSS helps prioritize vulnerabilities that are more likely to be exploited in the wild, which is often more operationally useful than severity alone, especially when teams are staring at a long backlog.
Dependency-Track becomes essential as soon as you have enough services that spreadsheets become useless. In the webinar, Sean describes the calm workflow: search for a CVE, see affected projects immediately, and hand developers a targeted list instead of asking them to inventory everything during a crisis.
High-value fleet questions that Dependency-Track can answer:
In practice, teams usually consider one of three options:
DIY (open source): gives maximum transparency, but you operate the platform long-term.
Commercial SaaS: reduces operations but can introduce “black box” tradeoffs and data-residency constraints.
Managed Dependency-Track (amazee.io): keeps open source transparency while removing the day-two operational burden, with strong control over where data lives.
","raw":[{"type":"heading2","text":"Why Managed Dependency-Track?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"SCA Landscape: DIY vs. Commercial vs. Managed","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In practice, teams usually consider one of three options:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"DIY (open source): gives maximum transparency, but you operate the platform long-term.","spans":[{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Commercial SaaS: reduces operations but can introduce “black box” tradeoffs and data-residency constraints.","spans":[{"start":0,"end":17,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed Dependency-Track (amazee.io): keeps open source transparency while removing the day-two operational burden, with strong control over where data lives.","spans":[{"start":0,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"heading3","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Managed Dependency-Track? SCA Landscape: DIY vs. Commercial vs. Managed In practice, teams usually consider one of three options: DIY (open source): gives maximum transparency, but you operate the platform long-term. Commercial SaaS: reduces operations but can introduce “black box” tradeoffs and data-residency constraints. Managed Dependency-Track (amazee.io): keeps open source transparency while removing the day-two operational burden, with strong control over where data lives. "}}},{"id":"fe767f55-1e46-54f7-8157-e48c18ad51af","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<table class="tg"> <thead> <tr> <th class="tg-0pky"><span style="font-weight:bold">Feature</span></th> <th class="tg-0pky"><span style="font-weight:bold">DIY (Standard Open Source)</span></th> <th class="tg-0pky"><span style="font-weight:bold">Commercial SaaS (Snyk, Black Duck, etc.)</span></th> <th class="tg-0pky"><span style="font-weight:bold">Managed Dependency-Track (amazee.io)</span></th> </tr> </thead> <tbody> <tr> <td class="tg-0pky"><span style="font-weight:bold">Direct Cost</span></td> <td class="tg-0pky">$0 (Licensing)</td> <td class="tg-0pky">High (Per-seat/Per-repo)</td> <td class="tg-0pky">Predictable (Tiered Pricing)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Infrastructure</span></td> <td class="tg-0pky">You manage Java/PostgreSQL</td> <td class="tg-0pky">Proprietary "Black Box"</td> <td class="tg-0pky">Open Source (on optimized PaaS)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Data Sovereignty</span></td> <td class="tg-0pky">Your Cloud</td> <td class="tg-0pky">Their Cloud</td> <td class="tg-0pky">Your Cloud (In isolation)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Transparency</span></td> <td class="tg-0pky">Full (Source available)</td> <td class="tg-0pky">None (Proprietary)</td> <td class="tg-0pky">Full (Open source code/logic)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Threat Feeds</span></td> <td class="tg-0pky">Manual Configuration</td> <td class="tg-0pky">Proprietary & Bundled</td> <td class="tg-0pky">Pre-configured (Multi-source)</td> </tr> <tr> <td class="tg-0pky"><span style="font-weight:bold">Compliance</span></td> <td class="tg-0pky">Your responsibility</td> <td class="tg-0pky">SOC 2 / ISO (on their end)</td> <td class="tg-0pky">SOC 2 / ISO / DORA Ready</td> </tr> </tbody> </table>
","raw":[{"type":"paragraph","text":"| Feature | DIY (Standard Open Source) | Commercial SaaS (Snyk, Black Duck, etc.) | Managed Dependency-Track (amazee.io) |
|---|---|---|---|
| Direct Cost | $0 (Licensing) | High (Per-seat/Per-repo) | Predictable (Tiered Pricing) |
| Infrastructure | You manage Java/PostgreSQL | Proprietary \"Black Box\" | Open Source (on optimized PaaS) |
| Data Sovereignty | Your Cloud | Their Cloud | Your Cloud (In isolation) |
| Transparency | Full (Source available) | None (Proprietary) | Full (Open source code/logic) |
| Threat Feeds | Manual Configuration | Proprietary & Bundled | Pre-configured (Multi-source) |
| Compliance | Your responsibility | SOC 2 / ISO (on their end) | SOC 2 / ISO / DORA Ready |
| Feature | DIY (Standard Open Source) | Commercial SaaS (Snyk, Black Duck, etc.) | Managed Dependency-Track (amazee.io) |
|---|---|---|---|
| Direct Cost | $0 (Licensing) | High (Per-seat/Per-repo) | Predictable (Tiered Pricing) |
| Infrastructure | You manage Java/PostgreSQL | Proprietary \"Black Box\" | Open Source (on optimized PaaS) |
| Data Sovereignty | Your Cloud | Their Cloud | Your Cloud (In isolation) |
| Transparency | Full (Source available) | None (Proprietary) | Full (Open source code/logic) |
| Threat Feeds | Manual Configuration | Proprietary & Bundled | Pre-configured (Multi-source) |
| Compliance | Your responsibility | SOC 2 / ISO (on their end) | SOC 2 / ISO / DORA Ready |
Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk.
","raw":[{"type":"heading3","text":"The Infrastructure Overhead","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk.","spans":[{"start":205,"end":339,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Infrastructure Overhead Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk. "}}},{"id":"45677d47-5ca7-52f6-8fda-254a2015dbac","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"SBOMs and vulnerability posture can be sensitive. During Q&A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint.
Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story.
","raw":[{"type":"heading3","text":"Data Sovereignty and Compliance","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOMs and vulnerability posture can be sensitive. During Q&A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Data Sovereignty and Compliance SBOMs and vulnerability posture can be sensitive. During Q&A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint. Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story. "}}},{"id":"2545da9e-6698-5aa5-a28f-527687cf3041","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer.
The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered.
Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits.
","raw":[{"type":"heading3","text":"amazee.io’s Managed Solution","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"amazee.io’s Managed Solution Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer. The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered. Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits. "}}},{"id":"069b92f3-87f4-5ce3-80b9-37f4662e1cbb","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation.
","raw":[{"type":"heading2","text":"Why Teams Choose Managed Dependency-Track","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Teams Choose Managed Dependency-Track Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation. "}}},{"id":"24f006bf-a8c0-541a-bd98-c6fd150c3654","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.
","raw":[{"type":"heading2","text":"Navigating the Shared Responsibility Framework","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Navigating the Shared Responsibility Framework In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths. "}}},{"id":"ddfbf9b1-2a6b-5c7c-814f-687b35d28b5b","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required.
Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started.
","raw":[{"type":"heading2","text":"Conclusion: From Fire Drills to Continuous Security","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started.","spans":[],"direction":"ltr"}],"text":"Conclusion: From Fire Drills to Continuous Security Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required. Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started."}}},{"id":"49395c96-86cd-50cf-8975-6d58d1d2c688","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"👓 [Article] DDoS Attack Mitigation for Enterprises
👓 [Product Page] Managed Dependency-Track
👓 [Article] Fault-Tolerant Enterprise Hosting
","raw":[{"type":"heading2","text":"Further Reading","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] DDoS Attack Mitigation for Enterprises","spans":[{"start":13,"end":51,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/ddos-attack-mitigation-for-enterprises","target":"_blank"}},{"start":13,"end":51,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Product Page] Managed Dependency-Track","spans":[{"start":18,"end":42,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/product/dependency-track","target":"_blank"}},{"start":18,"end":42,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] Fault-Tolerant Enterprise Hosting","spans":[{"start":13,"end":46,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting","target":"_blank"}},{"start":13,"end":46,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Further Reading 👓 [Article] DDoS Attack Mitigation for Enterprises 👓 [Product Page] Managed Dependency-Track 👓 [Article] Fault-Tolerant Enterprise Hosting "}}}],"summary":"Learn how our Managed Dependency-Track delivers continuous software supply chain security, automated SBOM monitoring, and multi-source CVE intelligence.","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/agyGcqYofJOwHYho_amazee-io-managed-dependency-track-supply-chain-security-guide.png?auto=format%2Ccompress"}]}},{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Experience Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9 – the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020 – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"drupal-dev-days-athens-2026-recap","data":{"title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal","meta_title":"Drupal Dev Days Athens 2026: AI & Vibe Coding Recap","posted_on":"May 05, 2026","author_name":"Daniel Lemon","author_image":"https://images.prismic.io/amazeeio/aDgwFidWJ-7kSq8E_Daniel-Lemon.jpg?auto=format%2Ccompress","read_time":5.5,"tag":"Knowledge Base","faq":{"heading":"Frequently Asked Questions","faq_items":[]},"body":[{"id":"1ba573b1-f72a-5115-b807-6af649d509b1","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/afnr28BOoF08xoKW_drupal-developer-days-athens-2026-amazee-io-vibe-coding.jpg?auto=format,compress\")
\n
The Drupal Dev Days Athens 2026 conference marked a pivotal shift toward agentic workflows and digital sovereignty. Key takeaways for the open source community include:
\n ![\"A](\"https://images.prismic.io/amazeeio/afnvV8BOoF08xoMr_drupal-dev-days-athens-2026-team-parthenon-little-kook.jpg?auto=format,compress\")
\n
Walking through the streets of Athens before the sessions kicked off, it was impossible not to feel the weight of history and the warmth of the Greek people. That same hospitality carried directly into the venue, where the energy felt more like a gathering of old friends than a rigid tech conference. While reconnecting with community members I have known for years is always a highlight, there was something uniquely grounding about meeting the new wave of developers, those with less than a year of experience who are already looking at Drupal through a completely different lens.
Before the sessions started, we took the time to immerse ourselves in the local culture, which is inseparable from the event's atmosphere. Whether it was the shared plates of dolmadakia or the general buzz of the city, the Greek spirit of “philoxenia”, the love of strangers, was everywhere. To top things off, there was even a Greek liqueur tasting BoF (Birds of a Feather) session. Let’s just say that after sampling a few local spirits, the "community" part of "come for the code, stay for the community" felt very literal. It was the perfect way to close a week of intense learning.
Witnessing twenty students dive into the “Drupal in a Day” workshop was a powerful reminder that the ecosystem is still going strong. They weren't just learning the basics of the Drupal CMS; they were immediately putting modern tools into practice, prompting AI with our anonymous free trials from amazee.ai, to see how “canvas AI”, alt-text generation, and other features work out of the box. It is a stark contrast to the early days of Drupal, where the learning curve was a mountain; now, with AI acting as the lift that gets people to the summit much faster.
","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading2","text":"From the Agora to the Codebase: The Spirit of Athens","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Walking through the streets of Athens before the sessions kicked off, it was impossible not to feel the weight of history and the warmth of the Greek people. That same hospitality carried directly into the venue, where the energy felt more like a gathering of old friends than a rigid tech conference. While reconnecting with community members I have known for years is always a highlight, there was something uniquely grounding about meeting the new wave of developers, those with less than a year of experience who are already looking at Drupal through a completely different lens.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Before the sessions started, we took the time to immerse ourselves in the local culture, which is inseparable from the event's atmosphere. Whether it was the shared plates of dolmadakia or the general buzz of the city, the Greek spirit of “philoxenia”, the love of strangers, was everywhere. To top things off, there was even a Greek liqueur tasting BoF (Birds of a Feather) session. Let’s just say that after sampling a few local spirits, the \"community\" part of \"come for the code, stay for the community\" felt very literal. It was the perfect way to close a week of intense learning.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Witnessing twenty students dive into the “Drupal in a Day” workshop was a powerful reminder that the ecosystem is still going strong. They weren't just learning the basics of the Drupal CMS; they were immediately putting modern tools into practice, prompting AI with our anonymous free trials from amazee.ai, to see how “canvas AI”, alt-text generation, and other features work out of the box. It is a stark contrast to the early days of Drupal, where the learning curve was a mountain; now, with AI acting as the lift that gets people to the summit much faster.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" From the Agora to the Codebase: The Spirit of Athens Walking through the streets of Athens before the sessions kicked off, it was impossible not to feel the weight of history and the warmth of the Greek people. That same hospitality carried directly into the venue, where the energy felt more like a gathering of old friends than a rigid tech conference. While reconnecting with community members I have known for years is always a highlight, there was something uniquely grounding about meeting the new wave of developers, those with less than a year of experience who are already looking at Drupal through a completely different lens. Before the sessions started, we took the time to immerse ourselves in the local culture, which is inseparable from the event's atmosphere. Whether it was the shared plates of dolmadakia or the general buzz of the city, the Greek spirit of “philoxenia”, the love of strangers, was everywhere. To top things off, there was even a Greek liqueur tasting BoF (Birds of a Feather) session. Let’s just say that after sampling a few local spirits, the \"community\" part of \"come for the code, stay for the community\" felt very literal. It was the perfect way to close a week of intense learning. Witnessing twenty students dive into the “Drupal in a Day” workshop was a powerful reminder that the ecosystem is still going strong. They weren't just learning the basics of the Drupal CMS; they were immediately putting modern tools into practice, prompting AI with our anonymous free trials from amazee.ai, to see how “canvas AI”, alt-text generation, and other features work out of the box. It is a stark contrast to the early days of Drupal, where the learning curve was a mountain; now, with AI acting as the lift that gets people to the summit much faster. "}}},{"id":"3b31efbe-60b8-5497-a23f-039ba08811ac","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/afnvp8BOoF08xoM6_athens-city-panorama-hydra-donkey-acropolis-museum.jpg?auto=format,compress\")
\n
Isabel Santamaria and Fiorella Moragón Alcaraz delivered a standout session on the practical use cases of AI. It was particularly rewarding to hear them highlight amazee.ai as their Drupal AI Provider of choice, demonstrating how our infrastructure delivers a data-sovereign solution for those looking to use AI in their projects. For two people brand new to the Drupal event circuit, their ability to demonstrate how AI actually solves problems helped set the tone for the week.
Frederick Wouter’s keynote pushed the boundaries even further when he built and deployed real-time forms using his AI agents with Drupal. While he was weaving a story about ancient Greece and Dries Buytaert's history, these agents were busy in the background. The crowd was visibly impressed as people began receiving emails and texts live, all “vibe coded” by the agent during the presentation. Frederick didn't just talk about the future; he ran a live demonstration of how autonomous content frameworks can engage an audience in real-time.
Following that energy, Frederick organized a friendly “Vibe Coding” competition, where I served as a judge alongside Marcus Johansson, Valery Lourie, and Frederick Wouter. Participants spent 2 hours building out projects, then presented their solutions to us. Bill Seremetis took home the gold with "Talos," a security tool focusing on log parsing that has the clear potential to become a real business product. Tim Diels, our silver medalist, presented a demo with a vital community use case: a tool to track whether companies are actively contributing back to Drupal. Dipak Yadev rounded out the winners with a bronze, delivering a clean presentation and a flawless live demo. Congratulations to all three! We are excited to see what they do with their amazeeClaw instances and new AI budgets!
","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading2","text":"From Myth to Mechanism: AI as a Practical Tool","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Isabel Santamaria and Fiorella Moragón Alcaraz delivered a standout session on the practical use cases of AI. It was particularly rewarding to hear them highlight amazee.ai as their Drupal AI Provider of choice, demonstrating how our infrastructure delivers a data-sovereign solution for those looking to use AI in their projects. For two people brand new to the Drupal event circuit, their ability to demonstrate how AI actually solves problems helped set the tone for the week.","spans":[{"start":176,"end":210,"type":"hyperlink","data":{"link_type":"Web","url":"https://amazee.ai/drupal-ai-provider","target":"_blank"}},{"start":176,"end":210,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Frederick Wouter’s keynote pushed the boundaries even further when he built and deployed real-time forms using his AI agents with Drupal. While he was weaving a story about ancient Greece and Dries Buytaert's history, these agents were busy in the background. The crowd was visibly impressed as people began receiving emails and texts live, all “vibe coded” by the agent during the presentation. Frederick didn't just talk about the future; he ran a live demonstration of how autonomous content frameworks can engage an audience in real-time.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Following that energy, Frederick organized a friendly “Vibe Coding” competition, where I served as a judge alongside Marcus Johansson, Valery Lourie, and Frederick Wouter. Participants spent 2 hours building out projects, then presented their solutions to us. Bill Seremetis took home the gold with \"Talos,\" a security tool focusing on log parsing that has the clear potential to become a real business product. Tim Diels, our silver medalist, presented a demo with a vital community use case: a tool to track whether companies are actively contributing back to Drupal. Dipak Yadev rounded out the winners with a bronze, delivering a clean presentation and a flawless live demo. Congratulations to all three! We are excited to see what they do with their amazeeClaw instances and new AI budgets!","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" From Myth to Mechanism: AI as a Practical Tool Isabel Santamaria and Fiorella Moragón Alcaraz delivered a standout session on the practical use cases of AI. It was particularly rewarding to hear them highlight amazee.ai as their Drupal AI Provider of choice, demonstrating how our infrastructure delivers a data-sovereign solution for those looking to use AI in their projects. For two people brand new to the Drupal event circuit, their ability to demonstrate how AI actually solves problems helped set the tone for the week. Frederick Wouter’s keynote pushed the boundaries even further when he built and deployed real-time forms using his AI agents with Drupal. While he was weaving a story about ancient Greece and Dries Buytaert's history, these agents were busy in the background. The crowd was visibly impressed as people began receiving emails and texts live, all “vibe coded” by the agent during the presentation. Frederick didn't just talk about the future; he ran a live demonstration of how autonomous content frameworks can engage an audience in real-time. Following that energy, Frederick organized a friendly “Vibe Coding” competition, where I served as a judge alongside Marcus Johansson, Valery Lourie, and Frederick Wouter. Participants spent 2 hours building out projects, then presented their solutions to us. Bill Seremetis took home the gold with \"Talos,\" a security tool focusing on log parsing that has the clear potential to become a real business product. Tim Diels, our silver medalist, presented a demo with a vital community use case: a tool to track whether companies are actively contributing back to Drupal. Dipak Yadev rounded out the winners with a bronze, delivering a clean presentation and a flawless live demo. Congratulations to all three! We are excited to see what they do with their amazeeClaw instances and new AI budgets! "}}},{"id":"1666cd5b-ee7e-5af4-bf40-6de7155fb71e","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"An](\"https://images.prismic.io/amazeeio/afnwkMBOoF08xoNe_drupal-developer-days-athens-2026-awards-ceremony.jpg?auto=format,compress\")
\n
One of the most profound takeaways came from Jürgen Haas’ keynote on the lessons learned from five years of the ECA module. He reminded us that the most critical part of the process happens before a single line of code is written. His approach to building in the open from day one is a masterclass in client relations. By framing open source as a standard part of the delivery rather than an afterthought, he explained how to eliminate the fear of proprietary loss and build a culture of shared feedback.
This human-centric focus was echoed in the fireside chat between Dries Buytaert and Professor Dimosthenis Anagnostopoulos, which touched on the vital importance of digital sovereignty. Even in a world increasingly dominated by artificial intelligence, the most valuable assets we have are our human decision-making processes and the transparency of our community. Whether we are discussing EU-branded sites or the roadmap for Drupal AI, the underlying theme is the same: technology should empower users, not lock them in.
","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading2","text":"Socratic Code: Logic, Dialogue, and Open Source","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"One of the most profound takeaways came from Jürgen Haas’ keynote on the lessons learned from five years of the ECA module. He reminded us that the most critical part of the process happens before a single line of code is written. His approach to building in the open from day one is a masterclass in client relations. By framing open source as a standard part of the delivery rather than an afterthought, he explained how to eliminate the fear of proprietary loss and build a culture of shared feedback.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This human-centric focus was echoed in the fireside chat between Dries Buytaert and Professor Dimosthenis Anagnostopoulos, which touched on the vital importance of digital sovereignty. Even in a world increasingly dominated by artificial intelligence, the most valuable assets we have are our human decision-making processes and the transparency of our community. Whether we are discussing EU-branded sites or the roadmap for Drupal AI, the underlying theme is the same: technology should empower users, not lock them in.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" Socratic Code: Logic, Dialogue, and Open Source One of the most profound takeaways came from Jürgen Haas’ keynote on the lessons learned from five years of the ECA module. He reminded us that the most critical part of the process happens before a single line of code is written. His approach to building in the open from day one is a masterclass in client relations. By framing open source as a standard part of the delivery rather than an afterthought, he explained how to eliminate the fear of proprietary loss and build a culture of shared feedback. This human-centric focus was echoed in the fireside chat between Dries Buytaert and Professor Dimosthenis Anagnostopoulos, which touched on the vital importance of digital sovereignty. Even in a world increasingly dominated by artificial intelligence, the most valuable assets we have are our human decision-making processes and the transparency of our community. Whether we are discussing EU-branded sites or the roadmap for Drupal AI, the underlying theme is the same: technology should empower users, not lock them in. "}}},{"id":"3e176052-fd56-53a9-a109-0ba30b38c0cb","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/afnxFcBOoF08xoNy_drupal-developer-days-athens-2026-expert-panel-discussion.jpg?auto=format,compress\")
\n
The week felt like a transition period for our community, perhaps best encapsulated by John Albin’s keynote on the intersection of emotional intelligence and AI psychology. John took us on a deep dive into the evolution of the human brain, arguing that our biology is effectively the “legacy code” that still dictates how we collaborate today. He explored how the human neocortex, the seat of complex thought and language, is constantly negotiating with our more primitive emotional systems. By understanding these psychological frameworks, John suggested we can move beyond just “prompting” AI and start building systems that actually respect human agency and emotional well-being. It was a powerful reminder that the kindness and intelligence of the Drupal community are not just cultural quirks; they are biological strengths we must leverage as we design the future of AI.
","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading2","text":"Rebuilding the Polis in Code","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The week felt like a transition period for our community, perhaps best encapsulated by John Albin’s keynote on the intersection of emotional intelligence and AI psychology. John took us on a deep dive into the evolution of the human brain, arguing that our biology is effectively the “legacy code” that still dictates how we collaborate today. He explored how the human neocortex, the seat of complex thought and language, is constantly negotiating with our more primitive emotional systems. By understanding these psychological frameworks, John suggested we can move beyond just “prompting” AI and start building systems that actually respect human agency and emotional well-being. It was a powerful reminder that the kindness and intelligence of the Drupal community are not just cultural quirks; they are biological strengths we must leverage as we design the future of AI.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" Rebuilding the Polis in Code The week felt like a transition period for our community, perhaps best encapsulated by John Albin’s keynote on the intersection of emotional intelligence and AI psychology. John took us on a deep dive into the evolution of the human brain, arguing that our biology is effectively the “legacy code” that still dictates how we collaborate today. He explored how the human neocortex, the seat of complex thought and language, is constantly negotiating with our more primitive emotional systems. By understanding these psychological frameworks, John suggested we can move beyond just “prompting” AI and start building systems that actually respect human agency and emotional well-being. It was a powerful reminder that the kindness and intelligence of the Drupal community are not just cultural quirks; they are biological strengths we must leverage as we design the future of AI. "}}},{"id":"7523d1f4-cf13-54fb-9213-a3bf2deb0401","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/afnyOsBOoF08xoOZ_drupal-developer-days-athens-2026-collaborative-sprint-session.jpg?auto=format,compress\")
\n
We saw this community evolution reflected across the technical sessions as well, from Mori Sugimoto’s work leveraging RAG to provide context for Japanese translations, ensuring that critical actions like “Publish” carry the correct cultural weight, to Klaus Purer’s introduction of Mago for automated code formatting and analysis. Even as the “Future Without Juniors” session addressed the shifting market, it reinforced our collective responsibility to protect the space for new talent to grow fiercely. Whether we were diving into configuration schema or streamlining LocalGov translations, the underlying thread was clear: we are building a more sophisticated, globally-aware ecosystem.
The conference ended as all the best ones do: with the simple joy of sharing a meal with friends in a friendly city. Athens reminded us that technology is just a tool. The real work is staying open, sharing early, and finding the others who want to build something that lasts. We left Greece with more than just a recap video and some slides; we left with a renewed sense of what is possible when you combine ancient hospitality with cutting-edge innovation.
","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We saw this community evolution reflected across the technical sessions as well, from Mori Sugimoto’s work leveraging RAG to provide context for Japanese translations, ensuring that critical actions like “Publish” carry the correct cultural weight, to Klaus Purer’s introduction of Mago for automated code formatting and analysis. Even as the “Future Without Juniors” session addressed the shifting market, it reinforced our collective responsibility to protect the space for new talent to grow fiercely. Whether we were diving into configuration schema or streamlining LocalGov translations, the underlying thread was clear: we are building a more sophisticated, globally-aware ecosystem.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The conference ended as all the best ones do: with the simple joy of sharing a meal with friends in a friendly city. Athens reminded us that technology is just a tool. The real work is staying open, sharing early, and finding the others who want to build something that lasts. We left Greece with more than just a recap video and some slides; we left with a renewed sense of what is possible when you combine ancient hospitality with cutting-edge innovation.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" We saw this community evolution reflected across the technical sessions as well, from Mori Sugimoto’s work leveraging RAG to provide context for Japanese translations, ensuring that critical actions like “Publish” carry the correct cultural weight, to Klaus Purer’s introduction of Mago for automated code formatting and analysis. Even as the “Future Without Juniors” session addressed the shifting market, it reinforced our collective responsibility to protect the space for new talent to grow fiercely. Whether we were diving into configuration schema or streamlining LocalGov translations, the underlying thread was clear: we are building a more sophisticated, globally-aware ecosystem. The conference ended as all the best ones do: with the simple joy of sharing a meal with friends in a friendly city. Athens reminded us that technology is just a tool. The real work is staying open, sharing early, and finding the others who want to build something that lasts. We left Greece with more than just a recap video and some slides; we left with a renewed sense of what is possible when you combine ancient hospitality with cutting-edge innovation. "}}},{"id":"929a68cf-bc3c-5433-9a60-888aea3778ff","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/afnyvcBOoF08xoOz_drupal-developer-days-athens-2026-group-photo-greek-drupal-community.jpg?auto=format,compress\")
\n
In traditional managed hosting, the provider owns the cloud account where your data lives. In BYOC, you own the cloud account (AWS, GCP, or Azure), and the provider "plugs in" their management platform. You retain the keys, logs, and data, while the provider handles 24/7 operations and maintenance.
","raw":[{"type":"paragraph","text":"In traditional managed hosting, the provider owns the cloud account where your data lives. In BYOC, you own the cloud account (AWS, GCP, or Azure), and the provider \"plugs in\" their management platform. You retain the keys, logs, and data, while the provider handles 24/7 operations and maintenance.","spans":[],"direction":"ltr"}],"text":"In traditional managed hosting, the provider owns the cloud account where your data lives. In BYOC, you own the cloud account (AWS, GCP, or Azure), and the provider \"plugs in\" their management platform. You retain the keys, logs, and data, while the provider handles 24/7 operations and maintenance."}},{"faq_heading":"Why does amazee.io need \"Owner\" or \"Contributor\" permissions in my cloud account?","faq_copy":{"html":"These elevated permissions are essential for self-healing infrastructure. To ensure high availability, the platform must automatically provision replacement nodes, update load balancers, and reconfigure networking in real time during an incident (e.g., a 2:00 AM hardware failure) without waiting for human approval.
","raw":[{"type":"paragraph","text":"These elevated permissions are essential for self-healing infrastructure. To ensure high availability, the platform must automatically provision replacement nodes, update load balancers, and reconfigure networking in real time during an incident (e.g., a 2:00 AM hardware failure) without waiting for human approval.","spans":[{"start":45,"end":72,"type":"strong"}],"direction":"ltr"}],"text":"These elevated permissions are essential for self-healing infrastructure. To ensure high availability, the platform must automatically provision replacement nodes, update load balancers, and reconfigure networking in real time during an incident (e.g., a 2:00 AM hardware failure) without waiting for human approval."}},{"faq_heading":"Does BYOC increase my security risk by giving a third party access?","faq_copy":{"html":"Actually, it often improves security governance. Access is restricted to a dedicated sub-account (sandbox) in accordance with the principle of least privilege. Furthermore, every action taken by the provider is recorded in your native audit logs (like AWS CloudTrail), giving your security team 100% visibility and a reviewable "paper trail" that traditional SaaS cannot offer.
","raw":[{"type":"paragraph","text":"Actually, it often improves security governance. Access is restricted to a dedicated sub-account (sandbox) in accordance with the principle of least privilege. Furthermore, every action taken by the provider is recorded in your native audit logs (like AWS CloudTrail), giving your security team 100% visibility and a reviewable \"paper trail\" that traditional SaaS cannot offer.","spans":[{"start":19,"end":27,"type":"em"},{"start":19,"end":27,"type":"strong"},{"start":223,"end":227,"type":"em"},{"start":223,"end":227,"type":"strong"}],"direction":"ltr"}],"text":"Actually, it often improves security governance. Access is restricted to a dedicated sub-account (sandbox) in accordance with the principle of least privilege. Furthermore, every action taken by the provider is recorded in your native audit logs (like AWS CloudTrail), giving your security team 100% visibility and a reviewable \"paper trail\" that traditional SaaS cannot offer."}},{"faq_heading":"How does BYOC help with my AWS EDP or Azure MACC commitments?","faq_copy":{"html":"When you use BYOC, the hyperscaler bills you directly for the infrastructure. This means every dollar spent on the servers and storage required for your website counts toward your committed spend or "burns down" your existing cloud credits. You get the benefit of your negotiated discounts while still receiving a fully managed service.
","raw":[{"type":"paragraph","text":"When you use BYOC, the hyperscaler bills you directly for the infrastructure. This means every dollar spent on the servers and storage required for your website counts toward your committed spend or \"burns down\" your existing cloud credits. You get the benefit of your negotiated discounts while still receiving a fully managed service.","spans":[],"direction":"ltr"}],"text":"When you use BYOC, the hyperscaler bills you directly for the infrastructure. This means every dollar spent on the servers and storage required for your website counts toward your committed spend or \"burns down\" your existing cloud credits. You get the benefit of your negotiated discounts while still receiving a fully managed service."}},{"faq_heading":"Can I move away from a BYOC provider without a massive migration?","faq_copy":{"html":"Yes. This is one of the biggest advantages of contractual portability. Because the infrastructure, IP addresses, and storage buckets are already in your account, "moving" often simply involves revoking the provider's IAM access and granting it to a new partner or your internal team. There is no "moving out" because you never left your own cloud.
","raw":[{"type":"paragraph","text":"Yes. This is one of the biggest advantages of contractual portability. Because the infrastructure, IP addresses, and storage buckets are already in your account, \"moving\" often simply involves revoking the provider's IAM access and granting it to a new partner or your internal team. There is no \"moving out\" because you never left your own cloud.","spans":[],"direction":"ltr"}],"text":"Yes. This is one of the biggest advantages of contractual portability. Because the infrastructure, IP addresses, and storage buckets are already in your account, \"moving\" often simply involves revoking the provider's IAM access and granting it to a new partner or your internal team. There is no \"moving out\" because you never left your own cloud."}},{"faq_heading":"Is BYOC necessary for running AI and LLMs?","faq_copy":{"html":"For regulated or data-sensitive industries, yes. Agentic AI requires access to proprietary context (data). BYOC allows you to host Model Context Protocol (MCP) servers and AI agents within your own VPC, ensuring that sensitive data is processed locally and never sent to a third-party's environment for training or storage.
","raw":[{"type":"paragraph","text":"For regulated or data-sensitive industries, yes. Agentic AI requires access to proprietary context (data). BYOC allows you to host Model Context Protocol (MCP) servers and AI agents within your own VPC, ensuring that sensitive data is processed locally and never sent to a third-party's environment for training or storage.","spans":[],"direction":"ltr"}],"text":"For regulated or data-sensitive industries, yes. Agentic AI requires access to proprietary context (data). BYOC allows you to host Model Context Protocol (MCP) servers and AI agents within your own VPC, ensuring that sensitive data is processed locally and never sent to a third-party's environment for training or storage."}},{"faq_heading":"How does \"Self-Healing\" work in a BYOC environment?","faq_copy":{"html":"The management plane constantly monitors the health of your "Data Plane." If a Kubernetes node crashes or a container becomes unresponsive, the platform uses its pre-approved permissions to instantly kill the unhealthy resource and provision a new one. This happens automatically, often resolving issues before users or even your internal teams notice a lag.
","raw":[{"type":"paragraph","text":"The management plane constantly monitors the health of your \"Data Plane.\" If a Kubernetes node crashes or a container becomes unresponsive, the platform uses its pre-approved permissions to instantly kill the unhealthy resource and provision a new one. This happens automatically, often resolving issues before users or even your internal teams notice a lag.","spans":[],"direction":"ltr"}],"text":"The management plane constantly monitors the health of your \"Data Plane.\" If a Kubernetes node crashes or a container becomes unresponsive, the platform uses its pre-approved permissions to instantly kill the unhealthy resource and provision a new one. This happens automatically, often resolving issues before users or even your internal teams notice a lag."}}]},"body":[{"id":"c4ab4748-0f08-5558-bde1-33d74f80dc97","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n\n ![\"A](\"https://images.prismic.io/amazeeio/aejKUMBOoF08xNbu_amazee-io-byoc-bring-your-own-cloud-hosting-trust-2026.jpg?auto=format,compress\")
\n
For a long time, managed hosting has been the most practical way to run web applications. Why? Because infrastructure is complex, and operating secure, highly available environments requires constant monitoring, patching, scaling, and operational expertise. A managed hosting provider handles that heavy lifting, so your team can focus on building applications rather than maintaining infrastructure.
For many organizations, this model still works well. But the way companies use the cloud is changing.
Many now operate mature cloud environments with established networking policies, security tooling, and governance frameworks. They have centralized logging, standardized identity and access controls, and long-term spending commitments with hyperscalers like AWS, Google Cloud, and Azure. If all these pieces are already in place, it raises a natural question:
Shouldn’t your application be hosted in the cloud account you already manage?
This is where Bring Your Own Cloud (BYOC) comes in.
At amazee.io, BYOC is best understood as a deployment model of our managed hosting platform. You get the same fully managed operations and platform expertise, but the infrastructure runs in your own environment instead of ours. This fits our broader “run anywhere” approach: whether your workloads live in your organization’s AWS/GCP/Azure account, on your own physical on-premises servers, in a highly isolated Dedicated Cloud environment, or in another approved infrastructure footprint, the goal stays the same. In the modern enterprise, your infrastructure account is your premises.
In a BYOC architecture, the platform provider still manages the operational layer. Deployments, environment provisioning, scaling logic, monitoring, incident response, and routine platform maintenance remain fully managed. The difference is where the underlying infrastructure lives. Compute, storage, and networking resources are provisioned inside your cloud boundary, so your team retains native visibility and auditability through the tools you already trust.
For technical teams, this turns hosting from a “black box” into a “glass box.” You get the operational simplicity of a managed platform, while keeping infrastructure ownership, governance, and observability anchored inside your own environment.
","raw":[{"type":"paragraph","text":"For a long time, managed hosting has been the most practical way to run web applications. Why? Because infrastructure is complex, and operating secure, highly available environments requires constant monitoring, patching, scaling, and operational expertise. A managed hosting provider handles that heavy lifting, so your team can focus on building applications rather than maintaining infrastructure.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"For many organizations, this model still works well. But the way companies use the cloud is changing.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Many now operate mature cloud environments with established networking policies, security tooling, and governance frameworks. They have centralized logging, standardized identity and access controls, and long-term spending commitments with hyperscalers like AWS, Google Cloud, and Azure. If all these pieces are already in place, it raises a natural question:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Shouldn’t your application be hosted in the cloud account you already manage?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This is where Bring Your Own Cloud (BYOC) comes in.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"At amazee.io, BYOC is best understood as a deployment model of our managed hosting platform. You get the same fully managed operations and platform expertise, but the infrastructure runs in your own environment instead of ours. This fits our broader “run anywhere” approach: whether your workloads live in your organization’s AWS/GCP/Azure account, on your own physical on-premises servers, in a highly isolated Dedicated Cloud environment, or in another approved infrastructure footprint, the goal stays the same. In the modern enterprise, your infrastructure account is your premises.","spans":[{"start":569,"end":571,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In a BYOC architecture, the platform provider still manages the operational layer. Deployments, environment provisioning, scaling logic, monitoring, incident response, and routine platform maintenance remain fully managed. The difference is where the underlying infrastructure lives. Compute, storage, and networking resources are provisioned inside your cloud boundary, so your team retains native visibility and auditability through the tools you already trust.","spans":[{"start":350,"end":354,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"For technical teams, this turns hosting from a “black box” into a “glass box.” You get the operational simplicity of a managed platform, while keeping infrastructure ownership, governance, and observability anchored inside your own environment.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"For a long time, managed hosting has been the most practical way to run web applications. Why? Because infrastructure is complex, and operating secure, highly available environments requires constant monitoring, patching, scaling, and operational expertise. A managed hosting provider handles that heavy lifting, so your team can focus on building applications rather than maintaining infrastructure. For many organizations, this model still works well. But the way companies use the cloud is changing. Many now operate mature cloud environments with established networking policies, security tooling, and governance frameworks. They have centralized logging, standardized identity and access controls, and long-term spending commitments with hyperscalers like AWS, Google Cloud, and Azure. If all these pieces are already in place, it raises a natural question: Shouldn’t your application be hosted in the cloud account you already manage? This is where Bring Your Own Cloud (BYOC) comes in. At amazee.io, BYOC is best understood as a deployment model of our managed hosting platform. You get the same fully managed operations and platform expertise, but the infrastructure runs in your own environment instead of ours. This fits our broader “run anywhere” approach: whether your workloads live in your organization’s AWS/GCP/Azure account, on your own physical on-premises servers, in a highly isolated Dedicated Cloud environment, or in another approved infrastructure footprint, the goal stays the same. In the modern enterprise, your infrastructure account is your premises. In a BYOC architecture, the platform provider still manages the operational layer. Deployments, environment provisioning, scaling logic, monitoring, incident response, and routine platform maintenance remain fully managed. The difference is where the underlying infrastructure lives. Compute, storage, and networking resources are provisioned inside your cloud boundary, so your team retains native visibility and auditability through the tools you already trust. For technical teams, this turns hosting from a “black box” into a “glass box.” You get the operational simplicity of a managed platform, while keeping infrastructure ownership, governance, and observability anchored inside your own environment. "}}},{"id":"50fa7fe5-a128-5e09-9299-fbb451503032","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"The idea behind BYOC is simple, but making it work well depends on a clean split between operational control and infrastructure ownership. In traditional managed hosting, both the platform and the infrastructure live in the provider’s environment. With BYOC, the infrastructure is moved into your cloud account, while the platform provider continues to run the operational layer.
Technically, this is usually done by separating the management plane from the data plane.
\n ![\"A](\"https://images.prismic.io/amazeeio/aejKUcBOoF08xNbw_byoc-architecture-management-plane-vs-data-plane.png?auto=format,compress\")
\n
That separation lets the platform operate like a managed service, while you maintain ownership of the resource. In many deployments, you start with a clean, dedicated Kubernetes cluster that is isolated from other workloads. This improves performance predictability, simplifies networking, and keeps security boundaries clear.
","raw":[{"type":"paragraph","text":"That separation lets the platform operate like a managed service, while you maintain ownership of the resource. In many deployments, you start with a clean, dedicated Kubernetes cluster that is isolated from other workloads. This improves performance predictability, simplifies networking, and keeps security boundaries clear.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"That separation lets the platform operate like a managed service, while you maintain ownership of the resource. In many deployments, you start with a clean, dedicated Kubernetes cluster that is isolated from other workloads. This improves performance predictability, simplifies networking, and keeps security boundaries clear. "}}},{"id":"132bf70f-9832-53ce-b92a-35f1a5b35873","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"With a typical managed hosting provider, the internal IT department often has very little say. Web hosting is outsourced, creating a shadow IT scenario in which applications live outside the company's core governance and security frameworks.
BYOC completely changes this dynamic, making it more attractive to IT teams. Because the underlying infrastructure (like AWS, GCP, Azure, or on-premises servers) is typically provisioned, owned, and governed by the IT department, website hosting is brought back under their control. Developers still get the agile, managed platform they need, but IT remains involved. They maintain oversight of the network, enforce corporate security policies, and monitor resources through their own centralized tools.
","raw":[{"type":"heading3","text":"Empowering the IT Department: Bringing Hosting Back Home","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"With a typical managed hosting provider, the internal IT department often has very little say. Web hosting is outsourced, creating a shadow IT scenario in which applications live outside the company's core governance and security frameworks.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC completely changes this dynamic, making it more attractive to IT teams. Because the underlying infrastructure (like AWS, GCP, Azure, or on-premises servers) is typically provisioned, owned, and governed by the IT department, website hosting is brought back under their control. Developers still get the agile, managed platform they need, but IT remains involved. They maintain oversight of the network, enforce corporate security policies, and monitor resources through their own centralized tools.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Empowering the IT Department: Bringing Hosting Back Home With a typical managed hosting provider, the internal IT department often has very little say. Web hosting is outsourced, creating a shadow IT scenario in which applications live outside the company's core governance and security frameworks. BYOC completely changes this dynamic, making it more attractive to IT teams. Because the underlying infrastructure (like AWS, GCP, Azure, or on-premises servers) is typically provisioned, owned, and governed by the IT department, website hosting is brought back under their control. Developers still get the agile, managed platform they need, but IT remains involved. They maintain oversight of the network, enforce corporate security policies, and monitor resources through their own centralized tools. "}}},{"id":"6aa32616-bbe7-56e9-8bec-ac908ee9a8a3","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Most BYOC deployments do not place workloads directly into a primary corporate cloud account. Instead, they use a dedicated sub-account or subscription that acts as a controlled sandbox for the managed platform environment.
In AWS, for example, this often means a child account with its own networking, compute, and storage configuration, while still connected to organization-wide governance. This significantly reduces the “blast radius.” If something goes wrong in a staging environment, it stays in that sandbox rather than spilling over into sensitive areas like finance or corporate identity. You get separation where you want it, and visibility where you need it.
","raw":[{"type":"heading3","text":"The Dedicated Sub-Account Model","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Most BYOC deployments do not place workloads directly into a primary corporate cloud account. Instead, they use a dedicated sub-account or subscription that acts as a controlled sandbox for the managed platform environment.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In AWS, for example, this often means a child account with its own networking, compute, and storage configuration, while still connected to organization-wide governance. This significantly reduces the “blast radius.” If something goes wrong in a staging environment, it stays in that sandbox rather than spilling over into sensitive areas like finance or corporate identity. You get separation where you want it, and visibility where you need it.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Dedicated Sub-Account Model Most BYOC deployments do not place workloads directly into a primary corporate cloud account. Instead, they use a dedicated sub-account or subscription that acts as a controlled sandbox for the managed platform environment. In AWS, for example, this often means a child account with its own networking, compute, and storage configuration, while still connected to organization-wide governance. This significantly reduces the “blast radius.” If something goes wrong in a staging environment, it stays in that sandbox rather than spilling over into sensitive areas like finance or corporate identity. You get separation where you want it, and visibility where you need it. "}}},{"id":"418bd5aa-1495-5b38-addf-fa162b99a327","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"A common procurement question is whether BYOC provides enough isolation compared to a purely on‑premises setup. These days, strong logical isolation can be as robust and auditable as physical separation. The key difference is not whether hardware is shared. It is who controls the boundaries around your workloads and data.
","raw":[{"type":"heading3","text":"Logical vs. Physical Isolation","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"A common procurement question is whether BYOC provides enough isolation compared to a purely on‑premises setup. These days, strong logical isolation can be as robust and auditable as physical separation. The key difference is not whether hardware is shared. It is who controls the boundaries around your workloads and data.","spans":[],"direction":"ltr"},{"type":"heading4","text":"","spans":[],"direction":"ltr"}],"text":"Logical vs. Physical Isolation A common procurement question is whether BYOC provides enough isolation compared to a purely on‑premises setup. These days, strong logical isolation can be as robust and auditable as physical separation. The key difference is not whether hardware is shared. It is who controls the boundaries around your workloads and data. "}}},{"id":"5be2fa17-c57b-5b60-871d-7baf26b7c418","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Think of the cloud as a high-security apartment building. Everyone shares the foundation, but only you have the keys to your unit (your VPC). amazee.io acts like the building manager: keeping operations running, but only entering the areas you explicitly permit. Even on shared hardware, your application can still operate as if it were in a private, hardened vault.
","raw":[{"type":"paragraph","text":"Think of the cloud as a high-security apartment building. Everyone shares the foundation, but only you have the keys to your unit (your VPC). amazee.io acts like the building manager: keeping operations running, but only entering the areas you explicitly permit. Even on shared hardware, your application can still operate as if it were in a private, hardened vault.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Think of the cloud as a high-security apartment building. Everyone shares the foundation, but only you have the keys to your unit (your VPC). amazee.io acts like the building manager: keeping operations running, but only entering the areas you explicitly permit. Even on shared hardware, your application can still operate as if it were in a private, hardened vault. "}}},{"id":"784ce5fd-936a-53e6-b94d-7d9484539ad6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.
","raw":[{"type":"heading2","text":"Navigating the Shared Responsibility Framework","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Navigating the Shared Responsibility Framework In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths. "}}},{"id":"ae685172-3c24-5b6d-8a47-f594026672cf","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Responsibility typically breaks into three layers:
Your hyperscaler of choice (or your internal IT for on-premises) secures and operates the underlying cloud: data centers, physical hardware, and the core virtualization and network backbone.
We run the platform layer: Kubernetes operations, monitoring, incident response, scaling logic, and routine platform upkeep. Where application-level maintenance is included in the service scope, we also help coordinate and apply routine updates in collaboration with your team’s release process.
You control the infrastructure account boundary: root credentials, internal policies (including data classification), and who in your organization can access systems or approve changes.
For example, if there is a hardware incident, AWS replaces the affected hardware. If platform-level updates are required, amazee.io applies them as part of managed operations. Your team manages user access roles so only approved people can request changes or access sensitive data.
","raw":[{"type":"heading3","text":"The Three-Way Split of Responsibility","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Responsibility typically breaks into three layers:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading4","text":"Your Hyperscaler (AWS, GCP, Azure): “Security of the Cloud.”","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Your hyperscaler of choice (or your internal IT for on-premises) secures and operates the underlying cloud: data centers, physical hardware, and the core virtualization and network backbone.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading4","text":"Your Platform Partner (amazee.io): “Management and Orchestration.”","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We run the platform layer: Kubernetes operations, monitoring, incident response, scaling logic, and routine platform upkeep. Where application-level maintenance is included in the service scope, we also help coordinate and apply routine updates in collaboration with your team’s release process.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading4","text":"You: “Security in the Cloud.”","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"You control the infrastructure account boundary: root credentials, internal policies (including data classification), and who in your organization can access systems or approve changes.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"For example, if there is a hardware incident, AWS replaces the affected hardware. If platform-level updates are required, amazee.io applies them as part of managed operations. Your team manages user access roles so only approved people can request changes or access sensitive data.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Three-Way Split of Responsibility Responsibility typically breaks into three layers: Your Hyperscaler (AWS, GCP, Azure): “Security of the Cloud.” Your hyperscaler of choice (or your internal IT for on-premises) secures and operates the underlying cloud: data centers, physical hardware, and the core virtualization and network backbone. Your Platform Partner (amazee.io): “Management and Orchestration.” We run the platform layer: Kubernetes operations, monitoring, incident response, scaling logic, and routine platform upkeep. Where application-level maintenance is included in the service scope, we also help coordinate and apply routine updates in collaboration with your team’s release process. You: “Security in the Cloud.” You control the infrastructure account boundary: root credentials, internal policies (including data classification), and who in your organization can access systems or approve changes. For example, if there is a hardware incident, AWS replaces the affected hardware. If platform-level updates are required, amazee.io applies them as part of managed operations. Your team manages user access roles so only approved people can request changes or access sensitive data. "}}},{"id":"0359a90b-0250-54bd-b5ac-9df875105140","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"A major procurement advantage of BYOC is that it reduces the risk of becoming a “data hostage” because the infrastructure is yours.
If the management contract ends, you still retain the cloud account, the data, and the infrastructure assets because they were never in the provider’s account to begin with.
","raw":[{"type":"heading3","text":"Procurement and Ownership: Who Owns What?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"A major procurement advantage of BYOC is that it reduces the risk of becoming a “data hostage” because the infrastructure is yours.","spans":[],"direction":"ltr"},{"type":"list-item","text":"Asset ownership: The environment runs inside your AWS/GCP/Azure or on-premises account, so the infrastructure resources belong to your organization.","spans":[{"start":0,"end":17,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Contractual portability: If you change management partners later, you do not have to “move out of a vendor.” In many cases, you revoke one partner’s access and grant access to another, rather than doing a full migration.","spans":[{"start":0,"end":24,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"If the management contract ends, you still retain the cloud account, the data, and the infrastructure assets because they were never in the provider’s account to begin with.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Procurement and Ownership: Who Owns What? A major procurement advantage of BYOC is that it reduces the risk of becoming a “data hostage” because the infrastructure is yours. Asset ownership: The environment runs inside your AWS/GCP/Azure or on-premises account, so the infrastructure resources belong to your organization. Contractual portability: If you change management partners later, you do not have to “move out of a vendor.” In many cases, you revoke one partner’s access and grant access to another, rather than doing a full migration. If the management contract ends, you still retain the cloud account, the data, and the infrastructure assets because they were never in the provider’s account to begin with. "}}},{"id":"e8fb47f4-6413-516f-aeb8-3757253c17a1","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"BYOC gives you ownership without making you run day-to-day ops yourself.
amazee.io focuses on keeping the platform healthy: OS patching, Kubernetes upgrades, monitoring, and preventing resource issues from turning into incidents. Your engineering team focuses on shipping value through application code.
In practice, we keep the underlying platform current and stable in the background, while your team deploys feature changes on top.
","raw":[{"type":"heading3","text":"Infrastructure Maintenance vs. Application Delivery","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC gives you ownership without making you run day-to-day ops yourself.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"amazee.io focuses on keeping the platform healthy: OS patching, Kubernetes upgrades, monitoring, and preventing resource issues from turning into incidents. Your engineering team focuses on shipping value through application code.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In practice, we keep the underlying platform current and stable in the background, while your team deploys feature changes on top.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Infrastructure Maintenance vs. Application Delivery BYOC gives you ownership without making you run day-to-day ops yourself. amazee.io focuses on keeping the platform healthy: OS patching, Kubernetes upgrades, monitoring, and preventing resource issues from turning into incidents. Your engineering team focuses on shipping value through application code. In practice, we keep the underlying platform current and stable in the background, while your team deploys feature changes on top. "}}},{"id":"ae08982b-8732-576e-9d05-c8861e1d8a2d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"BYOC procurement often hits one big friction point: why does a third-party provider need elevated permissions at all? It feels like a paradox. On one hand, security teams want strict guardrails and total control. On the other hand, “self-healing” infrastructure requires the platform to act like an automated administrator. A mature BYOC model is built to balance both.
The simplest way to see the trade-off is operational. In a manual ticket model, a crashed node triggers an alert, a human requests access, waits for approval, and then starts recovery. It is controlled, but slow. In an automated self-healing model, the platform can take a narrow set of pre-approved actions immediately, so recovery happens in seconds, not hours.
","raw":[{"type":"heading2","text":"The Permission Paradox: Security and Access Governance","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC procurement often hits one big friction point: why does a third-party provider need elevated permissions at all? It feels like a paradox. On one hand, security teams want strict guardrails and total control. On the other hand, “self-healing” infrastructure requires the platform to act like an automated administrator. A mature BYOC model is built to balance both.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The simplest way to see the trade-off is operational. In a manual ticket model, a crashed node triggers an alert, a human requests access, waits for approval, and then starts recovery. It is controlled, but slow. In an automated self-healing model, the platform can take a narrow set of pre-approved actions immediately, so recovery happens in seconds, not hours.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Permission Paradox: Security and Access Governance BYOC procurement often hits one big friction point: why does a third-party provider need elevated permissions at all? It feels like a paradox. On one hand, security teams want strict guardrails and total control. On the other hand, “self-healing” infrastructure requires the platform to act like an automated administrator. A mature BYOC model is built to balance both. The simplest way to see the trade-off is operational. In a manual ticket model, a crashed node triggers an alert, a human requests access, waits for approval, and then starts recovery. It is controlled, but slow. In an automated self-healing model, the platform can take a narrow set of pre-approved actions immediately, so recovery happens in seconds, not hours. "}}},{"id":"ea49f009-4ca3-5419-8156-4efebbc0b1b6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"To deliver fault-tolerant hosting, the platform must be able to provision and reconfigure infrastructure in real time, without waiting for approvals during an incident.
Picture a 2:00 AM node failure. The platform detects the problem, provisions replacement capacity, and updates routing to avoid traffic to the unhealthy component. Users may never notice. Without elevated permissions, recovery becomes reactive and delayed, increasing the risk of downtime.
👉 Dive Deeper into Fault-Tolerant Enterprise Hosting
","raw":[{"type":"heading3","text":"Why Elevated Permissions are Necessary for Self-Healing","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"To deliver fault-tolerant hosting, the platform must be able to provision and reconfigure infrastructure in real time, without waiting for approvals during an incident.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Picture a 2:00 AM node failure. The platform detects the problem, provisions replacement capacity, and updates routing to avoid traffic to the unhealthy component. Users may never notice. Without elevated permissions, recovery becomes reactive and delayed, increasing the risk of downtime.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👉 Dive Deeper into Fault-Tolerant Enterprise Hosting","spans":[{"start":20,"end":53,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting","target":"_blank"}},{"start":20,"end":53,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Elevated Permissions are Necessary for Self-Healing To deliver fault-tolerant hosting, the platform must be able to provision and reconfigure infrastructure in real time, without waiting for approvals during an incident. Picture a 2:00 AM node failure. The platform detects the problem, provisions replacement capacity, and updates routing to avoid traffic to the unhealthy component. Users may never notice. Without elevated permissions, recovery becomes reactive and delayed, increasing the risk of downtime. 👉 Dive Deeper into Fault-Tolerant Enterprise Hosting "}}},{"id":"7ded5107-68f5-5c21-ac9a-85a75bef89bc","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"We solve this “paradox” by keeping permissions strictly within a sandbox and following the principle of least privilege.
In practice, amazee.io does not need access to your whole organization. Access is limited strictly to the dedicated environment used for the platform (such as a dedicated sub-account or subscription). Permissions are granted via defined IAM roles that allow necessary operational actions while blocking sensitive identity operations. Access is typically short-lived and role-based rather than relying on long-lived shared keys, and you can revoke that trust immediately if needed.
","raw":[{"type":"heading3","text":"Implementing Least-Privilege via IAM Roles","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We solve this “paradox” by keeping permissions strictly within a sandbox and following the principle of least privilege.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In practice, amazee.io does not need access to your whole organization. Access is limited strictly to the dedicated environment used for the platform (such as a dedicated sub-account or subscription). Permissions are granted via defined IAM roles that allow necessary operational actions while blocking sensitive identity operations. Access is typically short-lived and role-based rather than relying on long-lived shared keys, and you can revoke that trust immediately if needed.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Implementing Least-Privilege via IAM Roles We solve this “paradox” by keeping permissions strictly within a sandbox and following the principle of least privilege. In practice, amazee.io does not need access to your whole organization. Access is limited strictly to the dedicated environment used for the platform (such as a dedicated sub-account or subscription). Permissions are granted via defined IAM roles that allow necessary operational actions while blocking sensitive identity operations. Access is typically short-lived and role-based rather than relying on long-lived shared keys, and you can revoke that trust immediately if needed. "}}},{"id":"2560e4c2-dc67-5d49-bcba-5d0862af9ed5","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"BYOC also changes the trust model. In SaaS, you often rely on the provider’s assurances. In BYOC, actions happen inside your infrastructure boundary, so you have the logs. Management activity can be recorded in your native audit tools (e.g., AWS CloudTrail or Azure Activity Log) and then forwarded to your SIEM. During an audit, your security team can pull a timeline of what changed, when it changed, and which role performed the action, without having to ask a vendor for evidence.
This glass-box visibility turns operational access into a governed, reviewable control. Furthermore, because our platform is open source, there are no hidden black-box mechanics. amazee.io also holds ISO27001 and SOC 2 Type II certifications. When you combine an open-source, certified platform with a deployment that runs entirely within your already-trusted environment, onboarding and IT auditing processes become drastically faster and easier.
","raw":[{"type":"heading3","text":"Auditability: Logging, Monitoring, and Open Source Trust","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC also changes the trust model. In SaaS, you often rely on the provider’s assurances. In BYOC, actions happen inside your infrastructure boundary, so you have the logs. Management activity can be recorded in your native audit tools (e.g., AWS CloudTrail or Azure Activity Log) and then forwarded to your SIEM. During an audit, your security team can pull a timeline of what changed, when it changed, and which role performed the action, without having to ask a vendor for evidence. ","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This glass-box visibility turns operational access into a governed, reviewable control. Furthermore, because our platform is open source, there are no hidden black-box mechanics. amazee.io also holds ISO27001 and SOC 2 Type II certifications. When you combine an open-source, certified platform with a deployment that runs entirely within your already-trusted environment, onboarding and IT auditing processes become drastically faster and easier.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Auditability: Logging, Monitoring, and Open Source Trust BYOC also changes the trust model. In SaaS, you often rely on the provider’s assurances. In BYOC, actions happen inside your infrastructure boundary, so you have the logs. Management activity can be recorded in your native audit tools (e.g., AWS CloudTrail or Azure Activity Log) and then forwarded to your SIEM. During an audit, your security team can pull a timeline of what changed, when it changed, and which role performed the action, without having to ask a vendor for evidence. This glass-box visibility turns operational access into a governed, reviewable control. Furthermore, because our platform is open source, there are no hidden black-box mechanics. amazee.io also holds ISO27001 and SOC 2 Type II certifications. When you combine an open-source, certified platform with a deployment that runs entirely within your already-trusted environment, onboarding and IT auditing processes become drastically faster and easier. "}}},{"id":"85ede28a-211a-5fc1-befc-24606ebe647d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"BYOC moves the focus from simple “vendor costs” toward overall efficiency. Your infrastructure becomes an asset you can optimize within the financial agreements you already have, while still receiving white-glove managed operations.
For example, if you have a $1M AWS EDP (or an Azure MACC commitment), BYOC lets you run production hosting in your own account so that infrastructure spend counts toward burning down that commitment, while amazee.io provides the managed layer.
","raw":[{"type":"heading2","text":"Financial Orchestration: Turning Infrastructure into a Strategic Asset","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC moves the focus from simple “vendor costs” toward overall efficiency. Your infrastructure becomes an asset you can optimize within the financial agreements you already have, while still receiving white-glove managed operations.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"For example, if you have a $1M AWS EDP (or an Azure MACC commitment), BYOC lets you run production hosting in your own account so that infrastructure spend counts toward burning down that commitment, while amazee.io provides the managed layer.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Financial Orchestration: Turning Infrastructure into a Strategic Asset BYOC moves the focus from simple “vendor costs” toward overall efficiency. Your infrastructure becomes an asset you can optimize within the financial agreements you already have, while still receiving white-glove managed operations. For example, if you have a $1M AWS EDP (or an Azure MACC commitment), BYOC lets you run production hosting in your own account so that infrastructure spend counts toward burning down that commitment, while amazee.io provides the managed layer. "}}},{"id":"a22e4eaf-1814-5c32-a91d-a2f0e98e00c6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Most large enterprises already have committed spend and credits. With BYOC, you can apply those directly to real production hosting because the infrastructure is billed through your account. That means you benefit from the discounts you have already negotiated, rather than paying “retail” rates hidden inside bundled SaaS pricing.
","raw":[{"type":"heading3","text":"The Power of Cloud Provider Credits (EDP and MACC)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Most large enterprises already have committed spend and credits. With BYOC, you can apply those directly to real production hosting because the infrastructure is billed through your account. That means you benefit from the discounts you have already negotiated, rather than paying “retail” rates hidden inside bundled SaaS pricing.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Power of Cloud Provider Credits (EDP and MACC) Most large enterprises already have committed spend and credits. With BYOC, you can apply those directly to real production hosting because the infrastructure is billed through your account. That means you benefit from the discounts you have already negotiated, rather than paying “retail” rates hidden inside bundled SaaS pricing. "}}},{"id":"2603c31e-0cb1-51ec-892d-cbfabc060def","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Procurement often cares as much about the process as it does about the price. BYOC gives you options to match however your team prefers to work.
BYOC is also a glass box financially. Your infrastructure costs are native to your cloud account, so you can see exactly what is running and what it costs, without hidden hosting margins. The management fee becomes easier to assess as an operations layer rather than a blended markup.
The result is a healthier rhythm: your team can work with our engineers to right-size resources and remove unused capacity, while keeping the operational burden off your internal teams.
","raw":[{"type":"heading3","text":"Total Cost of Ownership (TCO) Transparency","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC is also a glass box financially. Your infrastructure costs are native to your cloud account, so you can see exactly what is running and what it costs, without hidden hosting margins. The management fee becomes easier to assess as an operations layer rather than a blended markup.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The result is a healthier rhythm: your team can work with our engineers to right-size resources and remove unused capacity, while keeping the operational burden off your internal teams.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Total Cost of Ownership (TCO) Transparency BYOC is also a glass box financially. Your infrastructure costs are native to your cloud account, so you can see exactly what is running and what it costs, without hidden hosting margins. The management fee becomes easier to assess as an operations layer rather than a blended markup. The result is a healthier rhythm: your team can work with our engineers to right-size resources and remove unused capacity, while keeping the operational burden off your internal teams. "}}},{"id":"8e855872-9de7-53c9-9e18-b1ab8e8b6b35","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Beyond the operational and financial benefits, the value of BYOC also lies in its preparation for the next wave of technology, specifically the shift toward (agentic) AI.
As AI becomes more ubiquitous, the key question is no longer “where is my website?” It is “Where is my data being processed by AI?” Agentic AI systems do not just generate text. They take actions, query internal systems, and make decisions based on proprietary context. That is why traditional vendor-hosted SaaS can feel risky for regulated or data-sensitive organizations. BYOC lets you use AI while keeping your most sensitive data inside your security boundary.
For example, a healthcare organization may not be able to send patient records to a public LLM endpoint as raw context. In BYOC, you can deploy an agentic bot that analyzes the data while compute, data stores, and context remain within your own VPC. The agent can still produce useful outputs, but the underlying dataset remains protected.
","raw":[{"type":"heading2","text":"The Future Foundation: Why BYOC is Critical for Agentic AI","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Beyond the operational and financial benefits, the value of BYOC also lies in its preparation for the next wave of technology, specifically the shift toward (agentic) AI.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"As AI becomes more ubiquitous, the key question is no longer “where is my website?” It is “Where is my data being processed by AI?” Agentic AI systems do not just generate text. They take actions, query internal systems, and make decisions based on proprietary context. That is why traditional vendor-hosted SaaS can feel risky for regulated or data-sensitive organizations. BYOC lets you use AI while keeping your most sensitive data inside your security boundary.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"For example, a healthcare organization may not be able to send patient records to a public LLM endpoint as raw context. In BYOC, you can deploy an agentic bot that analyzes the data while compute, data stores, and context remain within your own VPC. The agent can still produce useful outputs, but the underlying dataset remains protected.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Future Foundation: Why BYOC is Critical for Agentic AI Beyond the operational and financial benefits, the value of BYOC also lies in its preparation for the next wave of technology, specifically the shift toward (agentic) AI. As AI becomes more ubiquitous, the key question is no longer “where is my website?” It is “Where is my data being processed by AI?” Agentic AI systems do not just generate text. They take actions, query internal systems, and make decisions based on proprietary context. That is why traditional vendor-hosted SaaS can feel risky for regulated or data-sensitive organizations. BYOC lets you use AI while keeping your most sensitive data inside your security boundary. For example, a healthcare organization may not be able to send patient records to a public LLM endpoint as raw context. In BYOC, you can deploy an agentic bot that analyzes the data while compute, data stores, and context remain within your own VPC. The agent can still produce useful outputs, but the underlying dataset remains protected. "}}},{"id":"91a587ee-1271-5072-adb3-2581ea22b6c8","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Agents are only as good as their context: internal docs, tickets, customer records, and product data. The security gap in many AI “add-ons” is that context retrieval pulls data out to an external service.
With BYOC, Model Context Protocol (MCP) becomes a practical control point. You can host MCP context servers inside your own cloud environment, close to the systems they connect to. The agent can fetch what it needs locally, apply your access controls, and keep sensitive context inside your perimeter.
👉 Gain Expert Insights into Agentic AI and MCP
","raw":[{"type":"heading3","text":"The Role of the Model Context Protocol (MCP)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Agents are only as good as their context: internal docs, tickets, customer records, and product data. The security gap in many AI “add-ons” is that context retrieval pulls data out to an external service.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"With BYOC, Model Context Protocol (MCP) becomes a practical control point. You can host MCP context servers inside your own cloud environment, close to the systems they connect to. The agent can fetch what it needs locally, apply your access controls, and keep sensitive context inside your perimeter.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👉 Gain Expert Insights into Agentic AI and MCP","spans":[{"start":0,"end":47,"type":"strong"},{"start":29,"end":47,"type":"hyperlink","data":{"link_type":"Web","url":"https://amazee.ai/blog/generative-ai-agentic-ai-mcp-difference","target":"_blank"}}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Role of the Model Context Protocol (MCP) Agents are only as good as their context: internal docs, tickets, customer records, and product data. The security gap in many AI “add-ons” is that context retrieval pulls data out to an external service. With BYOC, Model Context Protocol (MCP) becomes a practical control point. You can host MCP context servers inside your own cloud environment, close to the systems they connect to. The agent can fetch what it needs locally, apply your access controls, and keep sensitive context inside your perimeter. 👉 Gain Expert Insights into Agentic AI and MCP "}}},{"id":"fc227523-7ad1-5fbb-a42e-b63422b5705a","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Your proprietary data is not just a compliance concern. It is a competitive advantage. BYOC supports a zero-trust posture with AI providers, as governance remains anchored in your cloud account.
Sensitive context stays in your environment, access is observable through your audit logs and security tooling, and you can control what an agent is allowed to touch. You also reduce long-term lock-in: as models improve, you can update the AI layer without migrating your underlying data to a new vendor ecosystem.
","raw":[{"type":"heading3","text":"Protecting the “Brain” of Your Organization","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Your proprietary data is not just a compliance concern. It is a competitive advantage. BYOC supports a zero-trust posture with AI providers, as governance remains anchored in your cloud account.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Sensitive context stays in your environment, access is observable through your audit logs and security tooling, and you can control what an agent is allowed to touch. You also reduce long-term lock-in: as models improve, you can update the AI layer without migrating your underlying data to a new vendor ecosystem.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Protecting the “Brain” of Your Organization Your proprietary data is not just a compliance concern. It is a competitive advantage. BYOC supports a zero-trust posture with AI providers, as governance remains anchored in your cloud account. Sensitive context stays in your environment, access is observable through your audit logs and security tooling, and you can control what an agent is allowed to touch. You also reduce long-term lock-in: as models improve, you can update the AI layer without migrating your underlying data to a new vendor ecosystem. "}}},{"id":"b879cf63-2002-540c-8e1a-6f07e876fc40","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"BYOC is not just a hosting decision. It is an AI-readiness decision. Agentic systems work best when they sit next to the data they need, with low latency, strong governance, and predictable operations. BYOC provides a foundation for AI to scale without creating new compliance gaps.
By bringing your own cloud, you are not only securing today’s web presence but also preparing for tomorrow's. You are creating a private, governed environment where the next generation of AI automation can operate safely.
","raw":[{"type":"heading3","text":"Building for 2026 and Beyond","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"BYOC is not just a hosting decision. It is an AI-readiness decision. Agentic systems work best when they sit next to the data they need, with low latency, strong governance, and predictable operations. BYOC provides a foundation for AI to scale without creating new compliance gaps.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"By bringing your own cloud, you are not only securing today’s web presence but also preparing for tomorrow's. You are creating a private, governed environment where the next generation of AI automation can operate safely.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Building for 2026 and Beyond BYOC is not just a hosting decision. It is an AI-readiness decision. Agentic systems work best when they sit next to the data they need, with low latency, strong governance, and predictable operations. BYOC provides a foundation for AI to scale without creating new compliance gaps. By bringing your own cloud, you are not only securing today’s web presence but also preparing for tomorrow's. You are creating a private, governed environment where the next generation of AI automation can operate safely. "}}},{"id":"bf8f617c-1fee-5021-87db-222dc737f695","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"Retain total ownership of your AWS, GCP, or Azure resources while offloading the operational burden to our team. It’s the managed platform you need, inside the cloud account you already own.
From meeting strict compliance requirements to building the foundation for Agentic AI, BYOC is the architecture that allows your team to scale with confidence.
Talk to our Experts to Learn More
","raw":[{"type":"heading2","text":"Bring Your Own Cloud. We’ll Bring the Expertise.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Retain total ownership of your AWS, GCP, or Azure resources while offloading the operational burden to our team. It’s the managed platform you need, inside the cloud account you already own.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"From meeting strict compliance requirements to building the foundation for Agentic AI, BYOC is the architecture that allows your team to scale with confidence.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Talk to our Experts to Learn More","spans":[{"start":0,"end":33,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/get-in-touch","target":"_blank"}},{"start":0,"end":33,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Bring Your Own Cloud. We’ll Bring the Expertise. Retain total ownership of your AWS, GCP, or Azure resources while offloading the operational burden to our team. It’s the managed platform you need, inside the cloud account you already own. From meeting strict compliance requirements to building the foundation for Agentic AI, BYOC is the architecture that allows your team to scale with confidence. Talk to our Experts to Learn More "}}},{"id":"66938393-aae4-5a57-b5de-c00f2564c2f3","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"👓 [Article] Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks
👓 [Article] DDoS Attack Mitigation for Enterprises
👓 [Webinar] Continuous Software Security with Dependency-Track
","raw":[{"type":"heading2","text":"Further Reading","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks","spans":[{"start":13,"end":95,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fully-managed-secured-data-hosting-service","target":"_blank"}},{"start":13,"end":95,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] DDoS Attack Mitigation for Enterprises","spans":[{"start":13,"end":51,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/ddos-attack-mitigation-for-enterprises","target":"_blank"}},{"start":13,"end":51,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Webinar] Continuous Software Security with Dependency-Track","spans":[{"start":13,"end":63,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track","target":"_blank"}},{"start":13,"end":63,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Further Reading 👓 [Article] Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks 👓 [Article] DDoS Attack Mitigation for Enterprises 👓 [Webinar] Continuous Software Security with Dependency-Track "}}}],"summary":"Discover why BYOC (Bring Your Own Cloud) is the new standard for enterprise hosting. Learn about dedicated sub-accounts, security governance, and more.","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/aejKUMBOoF08xNbu_amazee-io-byoc-bring-your-own-cloud-hosting-trust-2026.jpg?auto=format%2Ccompress"}]}}]}}, "staticQueryHashes": ["1659250047","2244888832","3350517190"]}