+49 89 89082-110
AWS Cloud Security Audit
The Amazon Cloud AWS offers a large number of services that can be more or less closely interlinked and that can provide a large number of different business processes and internal services for companies. Due to the large number of services mentioned and their purposes, their interlinking options and the relatively complex authorization concepts of AWS, consisting of roles, rights and policies that can be changed not only by humans, but also by machines and automated processes, this results in a very high degree of complexity. This can very easily lead to security errors that are difficult to identify, but if an attacker finds and exploits them, they can quickly lead to major financial damage.
NSIDE offers a comprehensive audit of the security-relevant configuration of AWS environments and the services and accounts used. This focuses on settings that have a direct or indirect influence on the security of cloud resources or the data processed there. This includes in particular, but is not limited to: access rights to cloud resources for third parties; IAM (user accounts, rights, policies, roles), the most important services (e.g. EC2, S3, Lambda, RDS), firewalling, general isolation against unwanted access from the Internet, monitoring & alerting, as well as lateral movement options within the AWS environment through machine roles and automatic processes.
