Identity & Access
Identity is the primary security perimeter in the cloud. We review who has access to what, whether that access is appropriate, and how well your credentials and secrets are managed.
IAM Policies, Roles & Least Privilege
We review IAM users, groups, roles, and policies across your accounts to identify overly permissive access. This includes policies with wildcard actions or resources, inline policies that bypass centralised management, unused roles and access keys, and accounts where the principle of least privilege is not being followed.
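The wildcard check described above can be sketched as follows. This is an added example, not the reviewers' own tooling; the function names, finding labels, and the sample policy are constructed for illustration.

```python
import json

def _as_list(value):
    """IAM accepts either a single string or a list for Action/Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def find_wildcard_statements(policy_json):
    """Return (sid, finding, value) tuples for overly broad Allow statements."""
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements with wildcards restrict access
        sid = stmt.get("Sid", f"statement[{index}]")
        for action in _as_list(stmt.get("Action")):
            # "*" is every action; "s3:*" is every action in one service
            if action == "*" or action.endswith(":*"):
                findings.append((sid, "wildcard-action", action))
        for resource in _as_list(stmt.get("Resource")):
            if resource == "*":
                findings.append((sid, "wildcard-resource", resource))
        # Allow + NotAction/NotResource grants everything except the listed items
        for key in ("NotAction", "NotResource"):
            if key in stmt:
                findings.append((sid, "allow-with-" + key.lower(), key))
    return findings

# Constructed sample policy (bucket name and Sids are placeholders)
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AdminAll", "Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Sid": "S3Any", "Effect": "Allow", "Action": ["s3:*", "s3:GetObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "ReadOne", "Effect": "Allow", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/reports/*"},
        {"Sid": "DenyAll", "Effect": "Deny", "Action": "*", "Resource": "*"},
    ],
})

if __name__ == "__main__":
    for finding in find_wildcard_statements(SAMPLE_POLICY):
        print(finding)
```

Findings are candidates for review rather than confirmed problems: some actions only support `"Resource": "*"`, and conditions on a statement can narrow what a wildcard actually grants.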
SSO & Multi-Factor Authentication
We assess your AWS IAM Identity Center (SSO) configuration, permission sets, and MFA enforcement. We check whether the root account has MFA enabled, whether all human users authenticate via SSO rather than IAM users, and whether session durations and access controls are appropriate.
Secrets Manager & Parameter Store
We assess whether AWS Secrets Manager and Systems Manager Parameter Store are being used consistently for credentials, API keys, and connection strings — or whether secrets are stored in plain text in environment variables, code, or CloudFormation templates. We review rotation policies and access controls on stored secrets.