AWS security is a shared responsibility model. Secure configuration remains the customer’s responsibility but is complex meaning that errors are easily made. These often result in account compromise and data breaches.
Evalian® can assess the security of your AWS environment identify risks to your service and data, based on best practice, and provide recommendations for improving AWS security for an affordable, ﬁxed price.
Our AWS Security Configuration Assessment
covers over 50 individual items covering the
following key security considerations:
> Identity & Access Management
If you operate a large, complex AWS environment consisting of lots of repeated services and numerous components, we’ll focus our assessment on specific scope agreed before the engagement begins. Alternatively, we can scope for a larger engagement and provide you with a tailored quote.
The AWS service is delivered over four days during which our consultant will review your AWS environment compared with best practices.
They will prepare a detailed report setting out their findings for each area of review, together with their rating and recommendations.
Your consultant will schedule a call with you after providing the report to discuss the issues identified, remediation options and answer any questions.
Once a statement of work has been agreed upon, we’ll request read-only administrator access to your AWS environment and carry out the assessment. Our consultant will compare your Amazon Web Services security configuration against best practices, based on the CIS Benchmark for AWS, Amazon’s own guidance our consultant’s knowledge and experience.
Upon completion of the assessment, our consultant will provide you with a detailed report setting out our findings and recommendations. We grade the secure configuration with a ‘Pass’, ‘Partial’ or ‘Fail’ rating. The meaning of the ratings is as follows:
Pass: Indicates the component is configured in line with best practice.
Partial: Indicates some adherence to best practice, but not always (for example, where there are multiple of the same cloud resource).
Fail: Indicates the client has not configured the component in accordance with the best practice.
A Partial or Fail rating does not necessarily mean an immediate risk to your AWS environment (as you may have other compensating security controls in place to cover the risk) but a Partial or Fail should be reviewed to confirm the configuration was specifically set as identified or to correct it.
The report will include remediation recommendations, including our reasoning, and links to relevant remediation information. Our consultant will also use the overall results to prioritise the next steps based on the potential risk to your AWS environment.
Please ask us if you would like to see an example report.
Please contact us to arrange a no-obligation
discussion about your testing objectives or to
request an example report or more information about our AWS Security Configuration Service.