There Are Gaps in Your AWS Security Right Now

Find them before your next audit or customer security questionnaire does

A 14-day review delivered by a 15-year security architect. Full findings report, prioritized remediation plan, and walkthrough call.

Built for Teams Under Pressure

This review is for companies that don't have months to spare on audit prep or security discovery.

Prepping for an Audit

SOC 2, PCI DSS, or HIPAA audit coming up? Find the AWS gaps that will slow you down or surface during evidence collection.

Stuck on a Security Questionnaire

Enterprise prospect asking tough AWS questions? Get a clear picture of your posture and know exactly what to fix first.

Grew Faster Than Security

AWS environment expanded faster than anyone could monitor it? Establish a baseline and a plan to catch up.

What's Included

Everything you need to know where you stand and what to do next.

Full Posture Report

A detailed AWS security posture report with executive summary, findings by severity, and compliance mapping.

500+ Security Checks

Full AWS environment scan running the complete AWSight check library across every account and region.

Prioritized Remediation Plan

Top critical fixes with effort estimates and step-by-step guidance. Know exactly what to do first.

Compliance Mapping

Findings mapped to CIS, NIST 800-53, PCI DSS, and FSBP. Many SOC 2 and HIPAA controls map to the same AWS configurations we check.

Walkthrough Call

60-minute call to walk you through the report, answer questions, and talk through remediation priorities.

Optional Ongoing Monitoring

Keep AWSight running after the review for continuous coverage. First month is included in the engagement.

Your 14-Day Timeline

Clear milestones from kickoff to final walkthrough.

1. Day 1

Kickoff & Connect

30-minute kickoff call. You create a read-only IAM role using the policy provided. Monitoring starts the same day.

2. Days 2-7

Full Scan

Daily security checks run across every AWS account and region. Data is collected and analyzed against your target frameworks.

3. Days 8-14

Report & Walkthrough

Report drafted, QA'd, and delivered. 60-minute walkthrough call to review findings and remediation priorities.

Flat Rate Pricing

Based on the number of AWS accounts reviewed. No hourly billing, no surprises.

Essential

For small teams with one or two AWS accounts.

$2,500
  • 1-2 AWS accounts
  • 500+ security checks
  • Full posture report
  • Prioritized remediation plan
  • 60-minute walkthrough
  • Optional: Starter monitoring at $249/mo

Business

For scaling organizations with production AWS footprints.

$6,000
  • 6-10 AWS accounts
  • 500+ security checks
  • Full posture report
  • Prioritized remediation plan
  • 60-minute walkthrough
  • Optional: Business monitoring at $749/mo

Frequently Asked Questions

What's the difference between the tiers?

Only the number of AWS accounts reviewed. Every tier includes the full 500+ check library, the same report depth, the same remediation plan, and the same walkthrough call. More accounts means more data to analyze and more findings to prioritize.

How does AWSight access my AWS account?

You create a read-only IAM role with a cross-account trust policy. The policy is provided during kickoff. AWSight has zero write permissions, no agents, and no infrastructure inside your account. Access can be revoked at any time.

What frameworks are covered?

Findings are directly mapped to CIS, NIST 800-53, PCI DSS, and the AWS Foundational Security Best Practices (FSBP). Many SOC 2 and HIPAA controls map to the same AWS configurations we check.

Do I have to keep the subscription after the review?

No. The review is a standalone engagement with a fixed deliverable. Ongoing monitoring is optional. If you choose to continue, the first month is included in the review cost.

What if I need help remediating, not just findings?

The review includes a prioritized plan and the walkthrough call covers remediation guidance. For hands-on fixes beyond that, separate remediation engagements can be scoped at the end of the review.

Can this replace a SOC 2 auditor?

No. A SOC 2 audit requires an independent CPA firm and can only be performed by one. The review gives you infrastructure-level findings and evidence of configuration state that will be useful to your audit preparation, but it is not a substitute for the audit itself.

Ready to Know Where You Stand?

A 14-day review. A clear report. A remediation plan you can act on.
