Contacts
+49-172-6371372
logo

Configuration audit and cloud security assessment

REQUEST A QUOTE

Checking that your infrastructure uses modern security best practices

We support Amazon Web Services, Google Cloud, Microsoft Azure, and other cloud infrastructures.

Let’s take an AWS audit as a popular example. During the audit, we analyze AWS accounts, network configurations, data encryption, security incident response, and more. We use top-ranked sources such as CIS AWS Foundations, security policies based on HIPAA, the FedRAMP, etc.

AWS Audit Plan

  1. Identifying assets in AWS.
  2. AWS account analysis.
  3. Governance audit. Understand what AWS services and resources are in use and ensure that the Customer’s security or risk management program has taken into account the use of the public cloud environment.
  4. Network configuration management audit. Verifying missing or inappropriately configured security controls related to external access and network security, which could result in a security exposure.
  5. Asset configuration and management audit. The management of the Customer’s operating systems and security applications is verified to protect the security, stability, and integrity of the assets.
  6. Logical access control audit. Focuses on identifying how users and permissions are set up for the services in AWS, ensuring that the Customer securely manages the credentials associated with all AWS accounts.
  7. Data encryption audit. Understand where the data resides, and validate the methods that are used for protecting the data at rest and in transit (also referred to as “data in flight”).
  8. Security logging and monitoring audit. Validating if audit logging is performed on the guest OS and critical applications installed on Amazon EC2 instances and that the implementation is in alignment with your policies and procedures. Special attention is paid to the log storage, security, and analysis.
  9. Disaster recovery audit. Disaster recovery controls are checked for operational effectiveness.
  10. Security incident response audit. Incident management controls are checked for operational effectiveness.

Check out our additional services and business cases. Send the form below to request a cloud configuration audit. Get a free consultation.

REQUEST A QUOTE

Related services

You might also be interested in:
Penetration testing Penetration testing Red Team – test your incident response Red Team – test your incident response Security audit of source code Security audit of source code Incident investigation and forensics Incident investigation and forensics Server hardening Server hardening DoS, DDoS, and TDoS protection DoS, DDoS, and TDoS protection Implementation of cloud security Implementation of cloud security Software development Software development DevOps DevOps Protection of websites Protection of websites Managed threat detection and response Managed threat detection and response
#AWS #Azure #CIS #cloud_infrastructure_audit #cloud_security #compliance_audit #configuration_audit #Google_Cloud #HIPAA #incident_response #local_network_audit #organization_audit #service_audit

Business cases of projects we completed

Audit of smart contracts and blockchain
Read
Business Automation
Read
Information security incident response and investigation
Read
Managed security and compliance (ISO 27001, etc.)
Read
Security analysis of software source code
Read
Security assessment: audits and penetration tests
Read
Security Operations Center cases
Read
View all

Contact us

As an option, use this form:




    This website, like any other well developed website, uses cookies.
    Details