Technical audits · P_03_AUDITS

See structural weaknesses before they are exploited.

Beyond pentests, Narok runs targeted audits on the structural robustness of your environments. A clear view of technical risks, with prioritised, specific corrective actions.

Four audit types

Choose the right perimeter

Code review

Source-code review to identify security weaknesses before production.

Injections
Authentication
Cryptography
Business logic
Dependencies
Secrets

Java · Python · Go · Node.js · PHP

Configuration audit

Analysis of systems, network and cloud configurations to detect deviations from best practices.

OS Linux/Windows
Cloud AWS · Azure · GCP
Kubernetes · Docker
Active Directory
Firewall · WAF
Critical SaaS

CIS · ANSSI · vendor benchmarks

Architecture audit

Evaluation of a system or infrastructure design from a security standpoint.

Threat model
Segmentation
Identity · IAM
Exposure surface
Flows & trust
Continuity plan

STRIDE · ANSSI

AI perimeter audit

Dedicated audit for systems integrating AI. Models, prompts, data, integrations.

Prompt injection
Data poisoning
Data leakage
LLM over-trust
Tool chain
RAG · vector

OWASP LLM

Si vis pacem, para bellum.

Ensure peace.
Prepare for war.

A partner replies within 48 hours for an initial technical exchange.

Request an audit

See structural weaknesses before they are exploited.

Choose the right perimeter

Ensure peace. Prepare for war.

Ensure peace.
Prepare for war.