Skip to main content

What to Ask

The AI Assistant can answer questions across every area of Guardian Pro's capabilities. This page provides example questions organised by category to help you discover what is possible and frame your own questions effectively.

Infrastructure Health

Get a high-level understanding of your environment's overall state.

Example questions:

  • "What is my current health score?"
  • "Why did my health score drop this week?"
  • "What are the top factors hurting my health score?"
  • "How has my infrastructure health changed over the last 30 days?"
  • "Which accounts have the lowest health scores?"
  • "What should I fix first to improve my health score the most?"
tip

Health score questions are a great starting point for any session. They give you a quick overview and naturally lead to follow-up questions about specific findings or risks.

Security and Findings

Investigate security issues, understand risks, and get remediation guidance.

Example questions:

Finding Discovery

  • "What are my most critical security findings?"
  • "Do I have any public-facing S3 buckets?"
  • "Are there any unencrypted databases in my environment?"
  • "Which security groups allow unrestricted inbound access?"
  • "Do I have any IAM users with console access but no MFA?"
  • "Show me all findings related to encryption"
  • "How many high-severity findings do I have?"

Understanding Findings

  • "Explain the RDS encryption finding on my production database"
  • "Why is public SSH access considered a critical risk?"
  • "What is the impact of having an unencrypted EBS volume?"
  • "What does the 'root account access key' finding mean?"

Remediation Guidance

  • "How do I fix the S3 public access finding?"
  • "Can Guardian Pro automatically remediate the CloudTrail logging issue?"
  • "What are the steps to enable encryption on my RDS instance?"
  • "Is it safe to remediate this finding automatically, or should I do it manually?"
  • "What will change if I remediate this finding?"

Bulk Analysis

  • "Which service has the most security findings?"
  • "Give me a summary of findings by severity"
  • "What are the most common types of findings in my environment?"
  • "Which resources have the highest number of findings?"

Cost Analysis

Understand your spending and find optimisation opportunities.

Example questions:

Spending Overview

  • "How much am I spending on AWS this month?"
  • "What are my top 5 most expensive services?"
  • "How does this month's spending compare to last month?"
  • "What is my daily spend trend over the last 30 days?"
  • "Which region is the most expensive?"

Cost Optimisation

  • "What are my top cost reduction opportunities?"
  • "How much could I save with rightsizing recommendations?"
  • "Are there any idle or unused resources I can clean up?"
  • "Do I have any unattached EBS volumes or unused Elastic IPs?"
  • "Would Reserved Instances save me money on my EC2 usage?"
  • "What savings could I get from Savings Plans?"

Cost Anomalies

  • "Have there been any unusual spending spikes recently?"
  • "Why did my costs increase last week?"
  • "Are there any new services appearing on my bill that were not there before?"
info

Cost questions require AWS Cost and Usage Reports (CUR) to be configured. If CUR is not set up, the assistant will let you know and guide you to the CUR Setup page.

Compliance

Check your compliance posture across industry frameworks.

Example questions:

Compliance Status

  • "What is my CIS compliance score?"
  • "Am I compliant with SOC 2?"
  • "Which compliance frameworks am I subscribed to?"
  • "What is my overall compliance posture?"
  • "How has my compliance score changed over the last 3 months?"

Control Details

  • "Which CIS controls are failing?"
  • "What do I need to fix to pass CIS control 2.1?"
  • "Which SOC 2 controls require attention?"
  • "How many GDPR controls are we passing?"

Audit Preparation

  • "Give me a summary I can share with my auditor for CIS"
  • "What are the most critical compliance gaps I should address before our SOC 2 audit?"
  • "Which areas of non-compliance have the highest severity?"

Architecture and Risk

Understand your infrastructure topology, identify risks, and simulate failures.

Example questions:

Risk Analysis

  • "What are the biggest risks in my architecture?"
  • "Do I have any single points of failure?"
  • "Are my resources concentrated in a single Availability Zone?"
  • "Which resources have the highest blast radius?"
  • "Are there any orphaned or redundant resources?"

Failure Simulation

  • "What happens if my primary database goes down?"
  • "Simulate a failure of my main load balancer"
  • "Which resources would be affected if VPC vpc-0abc123 became unavailable?"
  • "What is the blast radius of a failure in my API layer?"

Architecture Assessment

  • "How mature is my infrastructure? Am I ready to scale?"
  • "What is my growth readiness score?"
  • "Are there areas where I should add redundancy?"
  • "Do I have any resources that should be containerised?"

Find and inspect specific resources in your environment.

Example questions:

  • "How many EC2 instances do I have?"
  • "List all my RDS databases"
  • "How many Lambda functions are deployed in eu-west-1?"
  • "Show me all S3 buckets"
  • "Do I have any Elasticsearch or OpenSearch domains?"
  • "How many resources does Guardian Pro monitor in total?"
  • "Which regions have the most resources?"

Cross-Domain Questions

Some of the most valuable questions span multiple domains. The assistant handles these by gathering data from multiple sources.

Example questions:

  • "What is the most impactful thing I can do to improve my security and reduce costs?"
  • "Are any of my most expensive resources also security risks?"
  • "Give me a complete overview of my AWS environment -- health, security, cost, and compliance"
  • "What should be my top priorities this week?"
  • "If I had one hour to improve my infrastructure, what should I focus on?"

Questions by Role

Depending on your role, you may find certain types of questions more relevant:

For Security Engineers

  • "What are the top 10 security findings I should address today?"
  • "Are there any critical findings that have been open for more than 7 days?"
  • "Which findings can be automatically remediated?"
  • "Give me a security posture summary for the last month"

For DevOps Engineers

  • "What architecture risks should I address before our next release?"
  • "Are there any single points of failure in our production environment?"
  • "What monitoring gaps exist in my infrastructure?"
  • "Which resources are not following infrastructure-as-code practices?"

For Finance and Management

  • "What is our total AWS spend this month compared to budget?"
  • "What is the total estimated savings from all recommendations?"
  • "Give me a high-level compliance summary across all frameworks"
  • "What is the trend of our health score over the last quarter?"

For Developers

  • "How do I set up a new VPC with best practices?"
  • "What is the recommended way to encrypt my database?"
  • "Explain the security group rules for my application"
  • "What infrastructure changes would improve my application's availability?"
tip

You do not need to memorise these examples. The AI Assistant understands natural language, so ask your question however it comes to mind. These examples are here to show the breadth of what is possible and to spark ideas.

Questions the Assistant Cannot Answer

The AI Assistant is focused on your AWS infrastructure as monitored by Guardian Pro. It cannot:

  • Answer questions about AWS services that Guardian Pro does not monitor
  • Provide information about resources in accounts not connected to Guardian Pro
  • Make changes to your environment without your explicit confirmation
  • Answer questions unrelated to AWS infrastructure or Guardian Pro

If you ask a question outside its scope, the assistant will let you know and suggest where you might find the information you need.

Next Steps