Defensive Services

Cloud service assessments evaluate the security configurations of cloud service platforms such as Google Cloud, Azure, and AWS by baselining their current configurations against cybersecurity best practices. Examples of common issues are unenforced MFA, lack of conditional access policies, publicly exposed S3 buckets, insufficient event logging, and no security monitoring.

Active Directory / Entra ID is often abused by attackers who exploit its misconfigurations to gain access to sensitive systems and confidential data. Our assessment identifies vulnerabilities and attack paths that may be lurking in your environment. Examples of common issues we identify are service accounts with excessive privileges, unconstrained Kerberos delegation, and misconfigured ADCS.

A security gap assessment is an evaluation of an organization's current cybersecurity state baselined against cybersecurity best practices. It is an ideal way to not only identify where your organization's security controls may be deficient, but also where they may be non-existent. Examples of our findings are no MFA, no Incident Response Plan, no video surveillance, and inadequate monitoring.

A vulnerability scan is an electronic scan used to identify technical vulnerabilities such as missing patches, unsupported operating systems, insecure system configurations, and more. While it is limited to technical scanning, it can provide insight into the current state of your systems and help with creating a prioritized roadmap that will guide you to where you want to go.