Black Tyger Strategies
Cybersecurity Architecture Assessment
Cybersecurity Architecture Assessment — Free Assessment
Assessment Form
Secure Design Principles
Is threat modelling conducted for new systems and significant architecture changes?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Are security design principles — least privilege, defence in depth, fail-safe defaults — applied consistently?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Secure SDLC & DevSecOps
Is static application security testing (SAST) integrated into the CI/CD pipeline?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is software composition analysis (SCA) used to identify vulnerable open source dependencies?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Identity & Access Architecture
Is Single Sign-On (SSO) implemented for all internal applications?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is phishing-resistant MFA (hardware keys, passkeys, or app-based TOTP) enforced for all user accounts?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Data Security Architecture
Is sensitive data classified and labelled across all systems — databases, file stores, and SaaS?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is sensitive data encrypted at rest and in transit using current standards?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Network Security Architecture
Is the network segmented to limit lateral movement — production, development, and admin traffic separated?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Are firewall rules documented, reviewed, and right-sized — no permissive rules without business justification?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Cloud Security Architecture
Is a Cloud Security Posture Management (CSPM) tool in use to detect misconfiguration?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is cloud IAM configured on least-privilege principles with no standing high-privilege access?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Endpoint Security Architecture
Is Endpoint Detection and Response (EDR) deployed on all managed endpoints?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is full-disk encryption enforced on all laptops and mobile devices?
(Required)
Not at all
Basic / Partial
Mostly
Fully
API & Integration Security
Is there a current inventory of all APIs — internal, external, and third-party — with their data exposure?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Are all APIs authenticated — no unauthenticated endpoints in production?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Cryptography & Key Management
Are cryptography standards documented — approved algorithms, key lengths, and deprecated cipher prohibition?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is TLS 1.2 minimum enforced everywhere — no SSL or TLS 1.0/1.1 in use?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Resilience & Recovery Architecture
Are backups architecturally separated from production — immutable and offline or air-gapped copies?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Are RTO and RPO defined for all critical systems and validated through tested recovery?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Software Supply Chain Security
Are third-party software vendors assessed for security posture before onboarding?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is a Software Bill of Materials (SBOM) maintained for critical applications?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Architecture Review & Governance
Is there a security architecture review process for new systems, major changes, and third-party integrations?
(Required)
Not at all
Basic / Partial
Mostly
Fully
Is a security architecture review conducted at least annually across the full technology estate?
(Required)
Not at all
Basic / Partial
Mostly
Fully