Security Assessment

Identity & Access

How are user accounts, access rights and privileged accounts secured? Covers MFA, SSO, password policy, least privilege and regular access reviews.

Cloud Workplace

Security of M365 and Google Workspace. External sharing, audit logs and third-party app permissions.

Cloud Compute

Security of Azure, AWS and GCP. IAM roles, audit logs, backup protection and network segmentation.

Artificial Intelligence

Secure use of AI systems and language models (LLMs). AI governance, data protection, output filtering and adversarial testing.

Web Applications

Security of web applications and APIs. OWASP testing, dependency scanning, secrets management, WAF protection and security in the development process.

Workplace

Protection of endpoints, email and workplace security. EDR/XDR, email security, patch management, security awareness and remote access.

Governance

Organizational security measures and processes. Asset inventory, offboarding, incident response plan, backup testing, CISO role and security policies.