PentStark
Service · Cloud Security Review

Cloud reviews that expose IAM paths, not compliance checkboxes.

A cloud review that goes beyond CIS benchmarks — we enumerate real privilege-escalation paths, data-exfil routes, and blast-radius scenarios across your AWS, Azure, or GCP tenants.

CIS AWS / Azure / GCPNIST CSFMITRE ATT&CK for CloudCIS KubernetesNSA/CISA Kubernetes Hardening Guide
Talk through your scope
Service boundary

What’s covered

AWS, Azure, GCP architecture and configuration reviews.

5 coverage areas
  1. 01

    IAM & identity

    Role trust chains, privilege escalation paths, SSO / federation abuse, service-account sprawl.

  2. 02

    Network

    VPC design, egress controls, exposed services, private connectivity review.

  3. 03

    Data

    Storage permissions, encryption, exfil paths, backup / snapshot exposure.

  4. 04

    Kubernetes

    RBAC, workload identity, admission control, runtime posture.

  5. 05

    Supply chain

    Container registries, image signing, build provenance.

Handoff

Deliverables

  • Attack-path graph (IAM, network, data)
  • Prioritized finding list mapped to CIS, NIST CSF, customer controls
  • IaC policy-as-code recommendations (OPA / Checkov / tfsec)
  • Runbook for top 10 remediation items
Intended result

Outcomes

  • A map of real attack paths, not a compliance checklist.
  • Policy-as-code baseline so regressions get caught at PR time.
Delivery model

Methodology and service timing

Methodology references

  • Cloud
    CIS AWS / Azure / GCPNIST CSFMITRE ATT&CK for Cloud
  • Kubernetes
    CIS KubernetesNSA/CISA Kubernetes Hardening Guide

Timelines and SLAs

Engagement duration
3–6 weeks typical
Critical finding alert
Same-day
Questions

Cloud Security Review FAQ

Do you need prod access?
Read-only prod or a production-parity environment. We'll advise on least-privilege review roles.
Do you support multi-cloud?
Yes — AWS, Azure, GCP, and hybrid.
Next step

See how Cloud Security Review fits your scope.

AWS, Azure, GCP architecture and configuration reviews.