Want to understand how a cybersecurity audit works? Find answers to the most frequently asked questions here.
No. Enya Security audits are carried out on a read-only basis. No changes are made to your database or systems during the engagement. The goal is to observe, analyze, and identify risks without interrupting your operations.
Yes. Most audits are carried out remotely through secure access (VPN, SSH, cloud console, or screen sharing depending on your environment).
Mainly:
It depends on the scope. On average:
Yes. Every engagement results in a detailed report including:
As well as the main compatible cloud services.
Yes. When the database is hosted in the cloud, a dedicated module covers network exposure, IAM access, backups, encryption, logging, and other controls suited to cloud environments.
No. Read-only access is preferred whenever possible.
Pricing depends on:
Check out the Pricing page or request a free quote.
No. The quote specifies the scope and any additional modules before the engagement begins.
Yes. A non-disclosure agreement (NDA) is signed before any engagement begins. All technical information is handled confidentially, and data collected during the audit is destroyed after the engagement in line with the agreed commitments.
No. Access provided is used solely to carry out the engagement and is then removed following the agreed procedure.
No. Enya Security performs audits and provides recommendations. You remain free to:
Yes. A post-remediation verification service is available to confirm that the recommendations have been properly implemented.