SecureCompass | AWS security posture scored

82%

of AWS accounts we assess have at least one publicly exposed resource.

Based on assessments across hundreds of AWS accounts.

Run a free assessment

Security Pillar Assessment

228 controls scored against the AWS Well-Architected Security Pillar. See which design principles pass, which fail, and track improvement over time.

10 security design principles evaluated
Period-over-period comparison
Per-service compliance breakdown

securecompass.io/dashboard

Security Principles 200 of 228 passing

SEC01 Secure operations 92%

SEC02 Identity management 42%

SEC03 Permissions 97%

Public Exposure Scanner

Every publicly accessible resource in your AWS account. S3 buckets, EC2 instances, RDS databases, API endpoints, and 18 more resource types.

22 resource types scanned
Risk-ranked findings with remediation guidance
Acknowledge intentional exposures

securecompass.io/public-exposure-scanner

Public Resources Found 3 critical

S3 bucket with public read access Critical

RDS instance publicly accessible High

EC2 with open security group Medium

Built by base2Services.

SecureCompass started as the tool we used to assess every new customer's AWS environment. We made it available as a SaaS so you can run the same instrument we run.

base2Services is an AWS Advanced Consulting Partner specialising in platform engineering and DevOps. SecureCompass is part of how we work, not a side project. It plugs into our managed services so the score is more than a report. It's a prompt for engineers who can act on it.