← Back to Cybersecurity
Researchpublished

Cloud Security

As the cloud security engineer at SWBTL LLC, I have been tasked with addressing the security concerns and lack of documentation left behind by a disgruntled employee.

Cloud SecurityDocumentationEmployee OffboardingSecurity Assessment

Last updated: June 16, 2025

Quick Links

📄 View Full Document

Project Overview

SWBTL LLC contracts with the government and processes card payments daily. So it must comply with certain regulations such as the Federal Information Security Modernization Act (FISMA) and the Payment Card Industry Data Security Standard (PCI DSS). With the upcoming NIST SP 800-53 assessment, it's critical to secure the organization's security posture. Upon assessing and verifying the current vulnerabilities, I will recommend and implement configuration changes that align with business requirements and comply with regulatory guidelines to ensure adherence. This paper will give the company an overview of its current cloud environment and recommendations and mitigations to improve the security posture of the organization.

Key Findings

  • Role-Based Access Control (RBAC) Misalignment
  • Azure Key Vault Security Gaps
  • Backup and Recovery Configuration Issues
  • Compliance and Regulatory Requirements
  • Shared Responsibility Model Risks

Tools & Technologies

Azure Active DirectoryAzure Key VaultAzure StorageAzure Monitor

Techniques & Methodologies

FISMAPCI DSSNIST SP 800-53

Want to dive deeper?

Check out the full technical documentation and detailed analysis.

Read Full DocumentView All Projects