What is your AWS account silently getting wrong?

Find out in 3 minutes — free, read-only, nothing installed. 13 security checks run by you, inside your own AWS Console. The report never leaves your account.

AWS CloudShell — paste and run
curl -sL https://www.arxcloudsecurity.co.uk/arx-iam-check.pyz -o arx.pyz && python3 arx.pyz

Open the AWS Console → click the CloudShell icon (>_) in the top bar → paste. Then read your report: cat output/report.md

Prefer to talk it through first? Book a free 15 minute AWS IAM review

How it works

1

Open CloudShell

The >_ icon in your AWS Console top bar. Python and your credentials are already there — nothing touches your laptop.

2

Paste one line

The tool runs 13 read-only checks: root & user MFA, key age, wildcard policies, cross-account backdoors, public snapshots, CloudTrail, and more.

3

Read your score

A plain-English report with a pass score and what each failure actually means for your business — no jargon, no dashboard to learn.

See exactly what you'd get

This is a genuine report from our validation environment — produced by the same engine that runs paid scans, with identifiers redacted by the tool's built-in redaction. No mock-ups.

39confirmed Critical & High
findings in one account
Every finding is confirmed by two independent scans before it reaches the report — single-scan noise and false positives are filtered out, so every line is worth your time. Cost baseline, resource inventory, and wasted-spend detection included.
Read the sample report →

When the free check finds something

The free check covers identity only. Your S3 buckets, networking, encryption, logging, and 30+ other categories need the full baseline.

AWS Baseline Diagnostic

£1,500 fixed, 5 working days
  • Everything in the hosted scan, human-analysed
  • Multi-account / AWS Organization coverage
  • Priority fix list, written for your board or client
  • 1-hour readout call with a security engineer
  • Diagnosis and prioritisation only, not implementation
Talk to us →