top of page

Secure Configuration Review

Secure configuration reviews involve a methodical audit of your, cloud environments or SaaS applications to ensure that all settings follow security best‑practice standards. This means checking everything from IAM policies, account settings and network permissions to encryption configurations and logging settings. Misconfigured systems such open S3 buckets or unsecured admin accounts are among the most exploited vulnerabilities, and often stem from human error or default settings left unchanged.

​

For businesses, the benefits are significant. First, it reduces the attack surface by closing off common entry points, preventing incidents like data leaks or ransomware. Second, it brings consistency and stability to operations by ensuring systems are set up as intended, easing troubleshooting and reducing unexpected downtime. Finally, it supports compliance and governance, helping you meet standards such as CIS, ISO, GDPR or PCI‑DSS, and often simplifies cyber‑insurance requirements . 

Amazon Web Services (AWS)

We review your AWS environment across all regions and accounts, focusing on the core services and features that support secure cloud operations. Our checks ensure that identity, networking, storage, and logging services are correctly configured to protect against common misconfigurations.

​

  • IAM – Users, roles, groups, permission boundaries, policies, Access Analyzer, and root account controls

  • Storage & encryption – S3, EBS, RDS, EFS, Secrets Manager, and AWS KMS key usage

  • Networking – VPCs, subnets, security groups, NACLs, internet gateways, NAT gateways, route tables

  • Monitoring & logging – CloudTrail (multi-region, log file validation), AWS Config, CloudWatch, GuardDuty, Security Hub

  • Serverless & compute – Lambda execution roles, EC2 instance profiles, container/task roles in ECS/EKS

Azure

Our Azure configuration review checks for proper identity controls, network segmentation, secure data storage, and logging. We ensure your environment aligns with Microsoft’s security benchmarks and supports a Zero Trust model.

​

  • Identity & access – Entra ID, Conditional Access, MFA enforcement, Privileged Identity Management (PIM), service principals, and role assignments

  • Networking – VNets, NSGs, Azure Firewall, private endpoints, DDoS Protection, Azure Bastion, and VNet peering

  • Storage & encryption – Managed disks, Storage Accounts, SQL Database encryption, Key Vault, customer-managed keys (CMKs)

  • Monitoring & compliance – Defender for Cloud, Azure Monitor, Activity Logs, Diagnostic settings, Log Analytics, Sentinel

  • Governance – Azure Policy, Security Center recommendations, tagging and resource group structure

Microsoft 365 (M365)

We assess the security of your Microsoft 365 tenancy by reviewing how identity, collaboration, and monitoring tools are configured. This helps ensure your cloud-based productivity suite is locked down against common threats and misuse.

​

  • Identity & access – Entra ID, MFA settings, group membership, conditional access, guest and external user controls

  • Email & messaging – Exchange Online (anti-phishing, spam filtering, DKIM, DMARC, SPF records), mailbox permissions

  • Collaboration tools – SharePoint and OneDrive sharing policies, Teams guest access and meeting permissions

  • Audit & logging – Unified Audit Log, alert policies, retention policies, and mailbox audit settings

Google Cloud Platform (GCP)

We check your GCP projects to confirm secure identity usage, network controls, encryption, and visibility. The goal is to ensure services are not overly exposed and that critical activities are monitored effectively.

​

  • Identity & access – IAM roles, service accounts, key rotation, organisation policies, and workload identity federation

  • Networking – VPC design, firewall rules, private access, shared VPCs, and interconnects

  • Encryption – Cloud Storage, Persistent Disks, Cloud SQL encryption settings, use of CMEK/CSEK with Cloud KMS

  • Logging & security tools – Cloud Logging, Monitoring, Cloud Audit Logs, Security Command Center, Event Threat Detection

SaaS Solutions

We tailor our configuration reviews to suit the SaaS applications your business relies on. We focus on access controls, integration with your identity platform, and whether logging and sharing controls are configured appropriately.

​

  • Authentication & access – SSO/SAML integrations, SCIM provisioning, user roles and permissions

  • Collaboration & sharing – Public sharing links, guest access, domain restrictions, and data access controls

  • Logging & monitoring – Application audit logs, access logging, alerting integrations with SIEM or admin portals

Amazon Web Servics (AWS)
Azure
M365
Google Cloud Platform (GCP)
SaaS Solutions
bottom of page