Salus Logo
Penetration Testing

Cloud Security

Many organisations utilise cloud services, but not all vendors provide secure configurations by default. Salus offers configuration reviews for alignment with best practices and maximum security on popular platforms like AWS, Azure, GCP, and Oracle Cloud.

What configuration reviews offer is alignment to good-practice and assurance that your cloud configuration is as secure as possible

Leveraging cloud is commonplace for most organisations given the makeup of IT and digital estates. The primary reason we offer these services is that most cloud vendors do not offer completely secure configurations by default or “out of the box”. What configuration reviews offer is alignment to good-practice and assurance that your cloud configuration is as secure as possible. At Salus, we have a great deal of experience in both designing, building, and testing cloud configurations through the most common cloud vendors including, AWS, Azure, GCP, and Oracle cloud. Don’t be perturbed if you use a different cloud platform, get in touch, and see if we have experience or expertise in your platform of choice.

Cloud Security Services


As one of the most commonly used suite of products globally, our Azure certified consultants have extensive experience in the design, deployment and security configuration of a range of Microsoft Azure products. We regularly perform configuration reviews of complex Azure architectures which include Entra ID integration, Blob Storage, Logic Apps, Data factory and the Azure API Management service, among others.


A newer player in the cloud services field, Oracle Cloud Infrastructure (OCI) has quickly grown a large user base and product suite that match the likes of Azure, AWS and GCP. They provide similar solutions, such as the OCI Compute, OCI Container Engine for Kubernetes, OCI Block Volumes, OCI Object Storage, among others. Our consultants have the knowledge and expertise to review the services provided by Oracle and determine where any shortfalls in adherence to good security practice exists.

Microsoft 365

We review the security configuration of Microsoft 365 to assess key elements, including data protection, access controls, identity and access management and data management. This includes analysing commonly used applications such as Teams, SharePoint, Outlook and Dynamics to ensure adherence to good security practices and industry standard, where applicable.


Our AWS certified consultants are adept at the deployment and configuration of commonly used AWS resources such as EC2, RDS, S3 and ElastiCache, which make up the foundation of many cloud architectures. We also have experience in serverless architecture components – Lambda, SQS, API gateway and others, which many organisations are migrating to for the scaling and availability benefits.

Architectural Design

As a key element of building in the cloud, it is important to understand how cloud resources are pooled, shared and scaled over a network or solution. Our consultants can translate technical and functional requirements of a solution and determine how it should be designed, while also considering the design’s usage and scalability.


Like other cloud service providers, the Google Cloud Platform provides various services, including the Google Compute, App, and Kubernetes engines, Cloud Storage, and Cloud SQL. They also offer serverless and non-serverless technologies. With experience in reviewing GCP implementations in various sectors including automotive, manufacturing and finance, our consultants are well placed to understand your implementation, and your requirements.

Binary Image

Our Approach

Whatever you're protecting, we apply defence grade cyber security skills whilst taking into consideration the realities of day-to-day business operations. We help our customers to address their known - and their unknown - cyber risks.

Here to Help
Tell Us Your Priorities!

Related Services