A comprehensive 2-week review of your entire AWS environment. We identify every critical misconfiguration, overly permissive IAM policy, and exposed resource — then give you a prioritized roadmap to fix them.
Our assessment covers all six critical domains of AWS security, mapped directly to the CIS AWS Foundations Benchmark v1.5 and SOC 2 CC6.1.
Root account usage, MFA enforcement, overly permissive policies, unused credentials, and IAM Identity Center configuration.
Public access settings, bucket policies, ACLs, encryption at rest, versioning, and replication configurations.
Security group rules, NACLs, open ports, internet-facing resources, VPC flow logs, and Transit Gateway configurations.
CloudTrail enablement, S3 access logging, CloudWatch alarms, GuardDuty, Security Hub, and Config Rules.
KMS key policies, EBS encryption, RDS encryption, Secrets Manager usage vs. hardcoded credentials.
EC2 instance profiles, IMDSv2 enforcement, ECS/EKS security configurations, and ECR image scanning.
A non-technical presentation for leadership summarizing risk posture, top findings, and business impact.
Detailed findings with evidence screenshots, affected resources, risk ratings, and remediation steps.
A 30/60/90-day action plan ranked by business risk — not just CVSS score — so your engineers know exactly what to fix first.
Every finding mapped to the specific CIS Benchmark control and SOC 2 Trust Service Criteria it violates.
Day 1. Scope confirmation, read-only IAM role setup, and intake questionnaire review.
Days 2–4. Prowler and ScoutSuite scans across all regions. 200+ checks executed.
Days 5–9. Deep manual analysis of IAM policies, network configs, and architecture.
Day 14. Final report, executive deck, and remediation roadmap delivered to your SharePoint portal.
50 critical AWS security checks covering IAM, S3, networking, logging, and encryption — mapped to the CIS AWS Foundations Benchmark. Used on every engagement.
Powered by Microsoft Forms — your data stays within our secure Microsoft 365 tenant.