Every modern enterprise strives for faster software delivery without compromising on security and compliance. As cloud-native environments grow in scale and complexity, so does the burden of identifying and fixing misconfigurations across clusters, pipelines, and cloud infrastructure.

Today, we’re excited to announce a major leap forward in our mission to simplify cloud governance: AI-Powered Remediations, which is now available in preview in Nirmata Control Hub (NCH).

Why AI Remediations for Policy as Code?

Security and platform teams often face a growing backlog of policy violations—from missing labels to insecure container configurations to overly permissive network rules. Manually investigating each violation, understanding its root cause, and crafting a compliant fix takes time—and that time adds up.

With AI Remediations, we’re dramatically reducing the Mean Time to Remediation (MTTR). Instead of spending hours chasing down documentation or writing YAML from scratch, teams can now review and apply context-aware fixes in minutes.

And the benefits go beyond speed:

• Dev teams are no longer blocked by vague policy errors. Instead, they receive concrete, explainable suggestions to fix issues early.
• Platform engineers can spend less time triaging violations and more time building scalable, reliable infrastructure.
• Security teams have peace of mind knowing issues aren’t just detected—they’re getting resolved faster than ever.

How It Works

Whether it’s a Deployment, ConfigMap, NetworkPolicy, or any Kubernetes resource, if it violates a rule enforced by your Kyverno policies in NCH, we can generate a fix.

Here’s how:

1. NCH identifies a resource that is out of compliance.
2. Our backend invokes an LLM (Claude 3.7) with the resource spec, policy, and violation details.
3. The AI returns a suggested remediation patch with a summary of what changed and why.
4. You review and optionally apply the fix.

Transparency by design: We don’t just tell you what to change – we explain why. You stay in control, with the ability to test and validate before deployment.

Designed for Developer Velocity and Platform Efficiency

AI Remediations aren’t about removing humans from the loop—they’re about giving your teams a smarter starting point. Think of them as policy-aware code suggestions that plug right into your existing workflows.

• Faster MTTR: Cut down the time from detection to resolution with guided, context-specific fixes.
• Less toil: Free up developers and platform engineers from repetitive YAML surgery.
• Better focus: Spend more time on innovation, less time on triage.

Where to Find It

You can explore AI Remediations in NCH under the Violations tab. Click into any violation, and if eligible, you’ll see the new AI Remediation option. Review, copy, or download the fix – whether you’re working manually or pushing changes through a GitOps workflow.

What’s Next

This is just the beginning. Our vision is to make policy enforcement proactive, intelligent, explainable, and assistive. From shifting left in the development lifecycle to enabling secure, self-service platforms, AI is becoming a key enabler for modern DevSecOps.

We’re excited to partner with you as we evolve this capability with your feedback. Let us know what works, what you want to see next, and how we can make your teams even more productive.

Ready to reduce your MTTR with AI?

Request a demo, or reach out to your Nirmata rep to enable the preview.

Spend a bit of time familiarizing yourselves with Nirmata Control Hub again while you’re here!