Fix My Code
PropTech
All case studies
PropTechPropTech Platform, Series A

Locking Down a Leaky AWS Setup for a Series A PropTech

Found publicly readable S3 bucket with tenant lease data, misconfigured IAM roles, and unencrypted RDS snapshots.

0
Public S3 buckets after
0 → 12
IAM roles reduced
0%
CloudTrail coverage

The Challenge

CTO got a HackerNews alert about a similar company's S3 breach. Ran a quick check, found three public buckets. Called us the same day.

The Solution

Full AWS infrastructure audit: S3 ACLs, IAM policy review, VPC security groups, RDS encryption at rest, CloudTrail completeness, Secrets Manager adoption. Remediated everything within a two-week sprint.

The Results

Zero public S3 buckets. All RDS snapshots encrypted. IAM reduced from 47 overpermissioned roles to 12. CloudTrail coverage: 100%.

0
Public S3 buckets after
47 → 12
IAM roles reduced
100%
CloudTrail coverage

Could your app use the same treatment?

Start with a free audit. Three findings, ranked, no pitch attached.

Get my free audit → All case studies