Services Best Practices Cloud Security Assessment

An efficient analysis of your cloud infrastructure that covers the cloud provider, container orchestration, and workloads.

What we do...

Painless data collection
Most clients can provision access and supporting resources in a matter of minutes. All of our collection tools are custom-developed and released as open-source, and the read-only collection process can be safely performed without any impact to production systems. De-provisioning access when the engagement is over is just as easy.
Deep resource coverage
Our collection approach goes far beyond just the surface-level issues that apply to the core cloud services. We go deeper than just basic configuration settings. We evaluate related resources and give deeper insight into the often-overlooked combinations that attackers count on to be successful.
Actionable findings
Every finding includes an attacker-focused risk rating, a description with examples of how an attacker might benefit, an operations-focused remediation plan describing known "gotchas" and estimated level-of-effort required to implement, commands to run to validate the issue has been fully remediated, references to more supporting information, and multiple tag types for filtering.
Top five guidance
It can be overwhelming to interpret and prioritize hundreds of findings. We distill the technical findings into the five most important areas of focus for your team to quickly achieve the maximum benefits of targeted risk reduction so you can get back to your core business.
Flexible report options
We recognize that the output of our work is likely the input for other tools like ticketing systems or workflow management platforms. We group related findings to avoid finding fatigue and deliver them to you via a dynamic and flexible tool that allows you to sort, filter, and prioritize based on your unique needs.
VMware Carbon Black

“The Darkbit assessment was both valuable and actionable. We will use the report to fix what needs to be fixed and create validation tools that will ensure continuous security and compliance.”

You might be thinking...

How long does this take?
We've built a lot of custom tools and processes to make the tedious parts of a cloud security assessment as efficient as possible. We can usually finish the entire project in 3 business days.
How much does it cost?
We always give you the full cost up front, so there are no surprises or cost overruns. For a single AWS account or Google Cloud organization, the cost is $10,000 USD.
What kind of deliverables do you provide?
We deliver our entire report, findings, recommendations, and compliance readiness report in structured JSON format that can be easily uploaded and viewed via a purpose-built, client-side web interface. The interface lets you filter and sort the data in ways that best suit your team's workflow, or you can quickly manipulate the data using basic JSON parsing tools and scripts in any way you need (e.g. to easily bulk insert into your organization's ticketing system).
Who fixes the issues and remediates the findings identified in the report?
Ideally, this is up to your engineering, infrastructure, and security teams. However, some teams get overwhelmed at the prospect of addressing every issue identified in the Cloud Security Best Practices report in a reasonable timeframe. In that case, we have several trusted partners that specialize in DevOps and cloud engineering that can assist you with those remediation issues.

Why work with us?

Your primary business probably isn't cloud security, but ours is. Working with us lets you focus on what you do best. We only do one thing - cloud security - and we take a lot of pride in doing it well.

We're experts
Helping clients improve their cloud security posture is all we do. That focus allows us to spend considerable time and energy researching modern threats to cloud-first companies so you don't have to.
We do the tedious work
Many companies are building and developing at a fast pace. Digging into security issues across a sprawling cloud infrastructure can be time consuming and tedious, especially if you don't have the right tools and processes close at hand.
We've seen it before
We've seen a lot of different environments. We've seen what works and what doesn't at many different scales. While we don't specifically endorse 3rd party products or vendors, we can usually tell you what other clients have been successful with and where they've run into problems.

Ready to get started?

Give us some basic info about your organization.

The best way to see if we're a fit for you is to have a quick phone or video call. We'll ask a few questions and explain our approach. If we can help, we'll lay out a clear timeline of what to expect and then we'll get to work.

When you fill out this form, we'll email you right away to schedule the initial call via phone or video.
