Our goal is to provide a comprehensive assessment and a clear view of the risks associated with the current cloud infrastructure. This report is the result of a thorough analysis involving expert collaborators in multiple information security domains such as cloud security, perimeter security, application security, and DevOps.

The CRA was conceived to address a visibility gap that clients may have regarding the extent to which their environments may be exposed and to provide guidance on which priorities should be addressed, thus enabling more effective risk mitigation.

During the execution of the work, we will analyze the following items: • Evaluation of all AWS resources and services adopted in the environment. • Application security assessment. • Data protection assessment. • Identity and access management assessment. • Incident response process evaluation. • Infrastructure resource protection assessment. • Security automation and reliability process assessment. • Security governance process assessment. • Threat detection process assessment. • Vulnerability management process assessment. • Patch and update management process assessment.

These assessments will provide a comprehensive overview of the security landscape and help prioritize actions for effective risk mitigation in your cloud environment.