Assessments / AWS Cloud Security Assessment

AWS Cloud Security Assessment

The industry is making a massive shift from expensive on-site data centers to cloud-hosted servers, micro-services and serverless applications. This shift changes the effectiveness of traditional security tools, but allows for new creative strategies to take their place.

Purpose

Cloud security assessments interrogate your cloud environment to identify security misconfigurations and vulnerabilities that expose your organization to undue risk. Common misconfigurations include excessive access and permissions granted to roles and users, publicly accessible cloud storage and lack of logging and monitoring, among others. Abricto Security leverages our in-house AWS security experts to take a hands-on look at your AWS accounts to validate adherence to AWS security best practices.

Areas of Focus

Abricto Security conducts an in-depth review of critical AWS services:

  • IAM
  • VPC
  • S3
  • Config
  • EC2
  • Route53
  • RDS
  • RedShift

Deliverables

  • AWS Inspector configurations to automate recurring scans for CIS Top 20 compliance.
  • Comprehensive report detailing misconfigurations and vulnerabilities.
  • Executive debrief outlining current cloud security posture and estimated timeline to remediation.
  • Technical debrief with cloud engineers in which we provide actionable remediation steps and measures.

According to Gartner, AWS is the leader in cloud-hosted environments. Abricto Security recognizes this market dominance and has partnered with AWS to become a trusted provider of security assessments. We offer our clients our years of experience architecting and securing AWS environments. This allows us to identify security misconfigurations, map potential attack vectors and construct comprehensive threat models of our customers' environments.