Some services can be bought directly from our website using Bitcoin.
How It Works
Click the Buy button – This will take you to our BTCPay server.
Fill in the required details – Such as your contact email, credentials, and any other prerequisites.
Make your payment – Choose either on-chain, liquid or Lightning Bitcoin payment.
We will review your submission – Once everything is in place, we'll notify you and begin the assessment.
Assessment timeline – Unless otherwise agreed, your assessment will be completed within 10 working days of submission.
Receive your report – You’ll get the final report via email.
AWS Configuration Review
A comprehensive white box security review of your AWS account configuration, combining automated scanning with detailed manual analysis. This assessment focuses on identifying vulnerabilities in the AWS control plane that could allow attackers to access data or systems, disrupt services and elevate privileges.
What’s Included:
Evaluation against latest industry standards including:
CIS AWS Foundations Benchmark
CIS AWS Compute Services Benchmark
CIS AWS Storage Services Benchmark
CIS AWS Database Services Benchmark
CIS AWS End User Compute Services Benchmark
AWS Foundational Security Best Practices.
Unique Snotra specific automated checks.
In-depth manual analysis of:
IAM Policies
Resource Based Policies
Cross-Account Trust Policies
User Accounts
Network Access Control Lists
Security Groups
To identify potential authorisation bypass and privilege escalation vulnerabilities, as well as unintended data exposure.
📄 View a sample report (coming soon)
Multiple Accounts or an Organization?: You can either:
Purchase a review for each account individually, or
Contact us to discuss a tailored solution.
Access Requirements: To perform the review, you’ll need to provide either:
IAM User credentials (including Access Keys), or
Username and Password and AWS SSO URL, or
a Cross-account Role ARN
Cross-account role trust policies should be configured to allow the following principal to assume the role:
"arn:aws:iam::243001516183:user/shaun"
The principal must have read-only access to all resources. This can be granted by attaching the following AWS managed policies:
ReadOnlyAccess
SecurityAudit
Price: $1500
Azure Configuration Review
A comprehensive white box security review of your Azure Tenancy and Subscriptions, combining automated scanning with detailed manual analysis. This assessment focuses on identifying vulnerabilities in the control plane that could allow attackers to access data or systems, disrupt services and elevate privileges. Includes Entra ID and all resources within a Management Group, Subscription(s) or Resource Group(s).
What’s Included:
Evaluation against latest industry standards including:
CIS Azure Foundations Benchmark
CIS Azure Compute Services Benchmark
CIS Azure Storage Services Benchmark
CIS Azure Database Services Benchmark
CIS Azure Kubernetes Service Benchmark
Unique Snotra specific automated checks.
In-depth manual analysis of:
Entra ID
Enterprise Applications (Service Principals) / App Registrations
Azure RBAC
Secret exposure
Network Access Controls
To identify potential attack paths including privilege escalation vulnerabilities and data exposure.
📄 View a sample report (coming soon)
Access Requirements: To perform the review, you’ll need to provide an Entra ID user account with both:
Global Reader Entra ID Role
Reader Azure RBAC Role
Additionally, the Entra ID user should be excluded from Conditional Access policies that may block us from accessing the account remotely and or using administrative tooling.
Price: $1500
M365 Configuration Review
A comprehensive white box security review of your M365 Tenancy, combining automated scanning with detailed manual analysis. This assessment focuses on identifying vulnerabilities in the control plane that could allow attackers to access data or systems, disrupt services and elevate privileges. Includes Entra ID and all M365 services including teams, sharepoint, exchange and endpoint.
What’s Included:
Evaluation against latest industry standards including:
CIS Microsoft 365 Foundations Benchmark
Unique Snotra specific automated checks.
In-depth manual analysis of:
Entra ID
Enterprise Applications (Service Principals) / App Registrations
Secret exposure
Sharing and cross tenant access
To identify potential attack paths including privilege escalation vulnerabilities and data exposure.
Endpoint (AKA Intune) configuration review, including:
Android Devices
Apple Devices
BYOD and Corporate Owned device configuration
📄 View a sample report (coming soon)
Access Requirements: To perform the review, you’ll need to provide an Entra ID user account with both:
Global Reader Entra ID Role
Sharepoint Administrator Role
Additionally, the Entra ID user should be excluded from Conditional Access policies that may block us from accessing the account remotely and or using administrative tooling.
Price: $1500
Free Cloud Scan
Perform a free automated scan of your cloud infrastructure to identify low hanging fruit and common misconfigurations.
Reports are created automatically with no manual intervention and may contain false positives. For a more in-depth assessment it is recommended to complete a full cloud configuration review which includes manual expert analysis of the account to discover more complex and nuanced findings, as well as framing any discovered security issues within the context of the account and any real world impacts.
Bitcoin Consultancy ₿
Want help getting started with Bitcoin? Book a session and we will get you set up with a wallet, send you some bitcoin and take you through making your first transaction.
Or maybe you would like to discuss any of the following:
Running a node
Home Mining
Bitcoin Layer 2s
Using Liquid
Using Lightning
Bitcoin Privacy
Bitcoin Security
Running a BTCPay Server
Once you have bought a session I will be in touch to arrange a suitable time.
Meetings will be conducted over Signal.
$120/hr