NCC Group will highlight weaknesses in your AWS cloud services and processes tailoring this to audiences, as needed, from providing technical vulnerability descriptions and remediation actions to your operations teams, to strategic recommendations at the board-level for improving the state of security in both the short and long term. NCC Group will review the configuration of key security controls across your cloud environment(s).

This includes:

• Logging, Monitoring, auditing, notifications/alerting, and reporting

• Network design, traffic flow and control

• Information management and classification

• Encryption of Data

• Application protection

• Data Store configuration and permissions assigned

• Integration with existing security processes (e.g., risk management, security policies, training, joiners & leavers, change control) and backup regime

• Business Continuity

• Operational support mode (including incident management)

• Legal & regulatory compliance (e.g., PCI, CIS, ISO27001, AICPA, GDPR)