• Cloud Security Assessments

  • As organizations migrate to cloud providers we are seeing an increase in incidents due to misconfigurations. These misconfigurations range from a lack of understanding how cloud resources are provisioned and what security controls need to be implemented.

    Our cloud security team has experience in Google Public Cloud, Amazon Web Services, and Microsoft Azure. Don't assume that security is built in by default in these cloud environments.

  • Cloud Security

    We find that many of our clients are unintentionally exposing administrative services to the Internet such as SSH and RDP. This creates security risks that are introduced in many default configurations.

  • Cloud Data Exfiltration

    There are many avenues for data exfiltration in cloud resources. It's important to understand how sharing cloud resources can be done securely without risking confidential data critical to your organization.

  • Logging, Monitoring, and Alerting

    Logging, monitoring, and alerting in cloud resources is important to determine when bad things are happening. This is one of the most overlooked aspects of cloud security we see in most organizations.

  • Cloud Permissions

    Permissions in the cloud important to consider. Setting up permissions for folders, buckets, containers, and files can be tricky. We find that 90% of our clients have permissions that increase risk to their organizations. This risks include insider threats, data exfiltration, and data leakage.

  • Cloud Asset Management

    Asset management in the cloud can get out of control quickly. Setting up new cloud assets can be performed in a few clicks. This can result in assets that are not tracked, increased vulnerabilities, increased cost, and increased risk.