NEW: The State of AWS Security 2026 - Free WhitepaperFree AWS Security Whitepaper

Toc ConsultingCloud. Secure. Scale.

Interactive Security Tool

Security Score Calculator

Assess your AWS security posture in minutes. Answer 25 questions across 6 security domains and get a weighted score with actionable recommendations.

100% client-side. Your answers never leave your browser.

Identity & Access

5 questions - 25% weight

Do you enforce MFA on all IAM users and root accounts...
Do you use IAM roles instead of long-lived access keys for a...

Data Protection

4 questions - 20% weight

Is encryption at rest enabled on all storage services (S3, E...
Is encryption in transit enforced (HTTPS/TLS) on all endpoin...

Network Security

4 questions - 15% weight

Do your security groups follow least-privilege (no 0.0.0.0/0...
Do you use VPC Flow Logs to monitor network traffic...

Monitoring & Detection

5 questions - 20% weight

Is AWS CloudTrail enabled in all regions with log file valid...
Is Amazon GuardDuty enabled in all regions...

Incident Response

3 questions - 10% weight

Do you have documented incident response playbooks for commo...
Can you isolate compromised resources (revoke sessions, quar...

Compliance & Governance

4 questions - 10% weight

Is AWS Config enabled recording all resource types in all re...
Do you use AWS Organizations with a multi-account strategy...

How It Works

1

Answer Questions

25 questions across 6 domains. Choose Yes, Partially, No, or N/A.

2

Get Your Score

Weighted score from 0 to 100 with per-domain breakdown and severity ratings.

3

Fix the Gaps

Prioritized recommendations with links to security cards, playbooks, and glossary terms.