Objective The aim of the exercise is to review security controls in both internal and production environments. The exercise will help identify security gaps, discuss areas that should be considered for consolidation and ways to reduce cyber risk within these environments. Saepio will also help identify products and services that can be procured and consolidated to AWS marketplace. As part of the review, Saepio offer a free review against the AWS well-architected framework to ensure environments are configured against best practice.

Process As part of the review, Saepio will work through an infrastructure review document based on common security controls (Identify, Detect, Protect, Respond and Recover). The exercise is also broken down into basic, fundamental and organisational controls. The free AWS well-architected review is conducted using the Trend Cloud One Conformity platform.

Outcome The output will help identify areas of security maturity as well as define a suggested improvement plan for the next 12-18 months. The improvement plan will focus on addressing the basics and high risk areas first before moving onto more advanced controls. The AWS well-architected review will produce a report showing areas or risk and suggested improvement.