Cloud Security assessment
Mark Ballew
(0)
Contact for pricing
About this service
Summary
Give your security posture an audit to make sure the plans you have in place are actually the plans that keep common security mistakes out. At the end of this assessment, your project will have a documented plan to correct any potential security concerns.
What's included
Overview of security requirements
Take a birds eye view of the application and documentation to look for overarching security issues in the product.
Developer access audit
Look at how the product is being accessed by developers and suggest security changes. This is a good point to create a a SOC2 document, if required.
Workflow audit
Insure that credentials are not leaked, re-used, or stored. Suggest ways to automatically roll keys and certificates.
Policy audit
Check that there are not excessive access to critical infrastructure such as databases, applications, logs, metrics. VPCs are restrictive. VPNs are set up correctly
Skills and tools
DevOps Engineer
Cloud Security Engineer
Amazon EC2
Ansible
GitHub
Terraform
Work with me