Pulumi Introduces AI-Powered Automatic Remediation for Infrastructure Policy Violations
Neo, Pulumi's AI platform engineer, intelligently fixes compliance issues across any cloud
Organization-wide policy management now available to Team and Enterprise customers
SEATTLE, Nov. 5, 2025 /PRNewswire/ -- Pulumi, the infrastructure-as-code platform, today announced AI-powered automatic policy remediation through Pulumi Neo, addressing a persistent challenge in infrastructure governance: the backlog of policy violations that platform teams struggle to remediate at scale. Neo analyzes and automatically fixes policy violations with configurable guardrails and approval workflows. Enhanced policy management capabilities, including executive dashboards and org-wide enforcement, are now available across Team, Enterprise, and Business Critical editions.
Platform teams managing multi-cloud infrastructure face a capacity challenge: governance and security tools can identify thousands of policy violations across an organization's infrastructure, but each violation requires manual engineering work to investigate, fix, test, and deploy. Organizations pursuing frameworks like HITRUST or FedRAMP can face backlogs exceeding 100,000 violations. Existing approaches focus primarily on detection. Policy-as-code frameworks prevent non-compliant infrastructure from being deployed but do not fix violations in existing infrastructure.
"We gave our auditors access to our policy packs because it's far easier to understand and prove controls in code than in docs and diagrams," explained Michael Hunter, CEO at Spear AI, a Pulumi customer. "With Pulumi's Policy as Code approach, that manual review process has gone away. We've reduced our ATO timeline from a year and a half to expecting approval in three months."
"Platform teams tell us they can't keep pace with the volume of policy violations their tools identify," said Joe Duffy, CEO and Co-founder of Pulumi. "Detection is necessary but not sufficient. Neo addresses the remediation gap by understanding policy violations in context, generating appropriate infrastructure-as-code fixes, and applying them automatically when teams choose, or routing them through approval workflows when human review is required."
Pulumi's enhanced policy capabilities work across any infrastructure on any cloud provider, enabling organizations to assess and remediate policy violations without requiring prior migration to Pulumi infrastructure-as-code. The platform includes pre-built compliance frameworks for CIS, NIST, PCI DSS, HITRUST, ISO 27001, and SOC 2, along with policy enforcement at deployment time, audit scanning of existing infrastructure, and Neo's AI-powered remediation with configurable approval workflows.
"The infrastructure governance challenge has shifted from detection to remediation at scale," said Jim Mercer, Program Vice President, Software Development, DevOps, and DevSecOps at IDC. "Organizations are drowning in policy violation backlogs that grow faster than teams can manually address them. Pulumi's integration of AI-powered remediation with policy-as-code represents an opportunity to shift from simply identifying problems to automatically resolving them within established compliance boundaries. This capability could help address the critical bottleneck we're seeing across enterprises: having visibility without the capacity to act on it."
Pulumi's policy capabilities are now available to all Pulumi Cloud customers, including Team, Enterprise, and Business Critical tiers.
Additional information is available at pulumi.com/pulumi-policies
About Pulumi
Pulumi is the infrastructure-as-code platform used by engineering teams to build, secure, and manage cloud infrastructure using familiar programming languages and tools. Founded in 2017, Pulumi serves over 3,700 customers. Learn more at pulumi.com.
Media Contact
[email protected]
SOURCE Pulumi
Share this article