How CloudWizard Works
CloudWizard is designed for lean AWS teams that want fast, practical security visibility without hiring a full security team or wrestling with heavyweight enterprise tooling.
Security Snapshot
Free Version
Turn Findings Into Answers
Turn raw AWS findings into a clean snapshot you can share with your team. Export high‑level results or walk stakeholders through the charts without opening the AWS console.
See your overall AWS security health at a glance. CloudWizard’s free Security Snapshot pulls together your pass rate, total open fails, and a breakdown by severity, service, and region so you can immediately see where you’re exposed. Use it to answer, in one screen, “How bad is it, and where do we start?”
Critical Risks
Free Version
Prioritise Critical Fixes Faster
Use the critical risk summary to brief founders, CTOs, or customers in minutes. Each card explains the impact in plain language so non‑security specialists can understand why it needs fixing.
CloudWizard highlights the risks that actually matter. The Critical Risks view groups failing checks into a single card and surfaces issues like public S3 buckets, over‑permissive IAM policies, and exposed Lambda secrets. Instead of combing through hundreds of findings, you get a focused list of misconfigurations that could lead directly to a breach.
Compliance Snapshot
Free Version
Prepare Compliance Evidence Sooner
Turn your compliance view into a starting point for SOC 2 or ISO prep. Share the snapshot with auditors or customers to demonstrate that you’re actively measuring your AWS posture, even before you upgrade to Pro.
Quickly see how your AWS environment lines up against key security frameworks. The free Compliance Snapshot shows pass rates and failing controls across baselines like AWS account onboarding and foundational security best practices. It’s an easy way to gauge how much work sits between today and a formal audit or customer security review.
Simple pricing for lean AWS teams
Start with a free AWS scan, then upgrade to Pro when you need deeper security and compliance visibility.
Monthly Pro and Annual Pro require a free CloudWizard account first.
*You always begin with a free AWS security scan. Pro upgrades are managed securely inside the CloudWizard app via Stripe.
Frequently Asked Questions
Quick answers about the free AWS security scan, CloudWizard Pro, pricing, and how we securely connect to your AWS account.
Yes. CloudWizard helps you identify security gaps, understand compliance posture, and prepare for audits or customer questionnaires with clearer visibility into your AWS environment. It doesn’t replace an auditor, but it gives you a far better starting point for SOC 2, ISO 27001, enterprise questionnaires, and ongoing security reviews.
The free scan runs once against your AWS account using a read-only role and gives you a security snapshot, critical risks view, and a basic compliance snapshot. You’ll see your overall pass rate, failing checks by severity, and examples of high-impact misconfigurations before deciding whether you need Pro.
Setup typically takes around 20-60 minutes depending on the size of your AWS infrastructure. You deploy a CloudFormation stack that creates a secure, read-only cross-account IAM role in your AWS account. Once that’s in place, CloudWizard assumes that role with short-lived STS credentials and starts analysing your configuration automatically.
No. CloudWizard is built for startups and lean AWS teams without full-time security staff. Findings are prioritised and written in plain English so CTOs, founders, DevOps, and engineers can act without a big security department.
CloudWizard connects via a secure, read-only cross-account IAM role that you deploy in your AWS account.
- The role trusts only the CloudWizard AWS account and can require a unique external ID.
- Permissions are limited to read-only actions such as Describe, List, and Get for security posture inspection.
- Access is performed using short-lived STS credentials rather than long-lived static keys.
- You stay in control and can revoke access at any time by removing the role from your AWS account.
For a more detailed explanation, see our Security Access Architecture.
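A customer-side check of the role properties listed above, as an added example that is not CloudWizard's code: it audits a role's trust policy (single trusted account, external ID required) and its permission policy (Describe/List/Get only). The account ID, external ID and sample policies are constructed placeholders, and the `DATA_READS` list is an assumption covering "Get" actions that return data rather than configuration.

```python
import fnmatch

READ_PREFIXES = ("describe", "list", "get")  # verbs named in the list above
# Assumption: short constructed list of "Get" actions that read data, not config.
DATA_READS = ("s3:GetObject", "secretsmanager:GetSecretValue")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust(policy, vendor_account):
    """Findings for the role's trust (assume-role) policy."""
    findings = []
    allowed = {vendor_account, f"arn:aws:iam::{vendor_account}:root"}
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        if not aws or any(p not in allowed for p in aws):
            findings.append("trust: principal is not limited to the vendor account")
        if not stmt.get("Condition", {}).get("StringEquals", {}).get("sts:ExternalId"):
            findings.append("trust: no sts:ExternalId condition")
    return findings

def audit_permissions(policy):
    """Findings for Allow statements that go beyond configuration reads."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append("permissions: NotAction grants everything not listed")
        for action in _as_list(stmt.get("Action", [])):
            verb = action.partition(":")[2].lower()
            if not verb.startswith(READ_PREFIXES):
                findings.append(f"permissions: {action} is not a Describe/List/Get action")
            elif any(fnmatch.fnmatchcase(d.lower(), action.lower()) for d in DATA_READS):
                findings.append(f"permissions: {action} can read data, not just configuration")
    return findings

VENDOR = "111122223333"  # placeholder account ID, not CloudWizard's
GOOD_TRUST = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": f"arn:aws:iam::{VENDOR}:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": "constructed-external-id"}}}]}
WEAK_TRUST = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "*"}}]}
PERMS = {"Statement": [{"Effect": "Allow", "Resource": "*",
    "Action": ["ec2:Describe*", "iam:ListRoles", "s3:Get*", "s3:PutBucketPolicy"]}]}
```

The prefix check is coarse: a wildcard such as `s3:Get*` passes a Describe/List/Get filter yet still covers object reads, which is why it is flagged separately.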
No. CloudWizard is designed to inspect configuration metadata, not application payloads. We do not read database contents, S3 object contents, application code, or secret values. The scan focuses on security-relevant configuration such as IAM policies, public exposure, encryption settings, logging posture, and compliance-related control checks.
No. CloudWizard complements AWS native services rather than replacing them. Many teams continue using Security Hub and GuardDuty as signal sources, while CloudWizard focuses on consolidated visibility, prioritisation, and reporting that’s easier for lean teams to act on.
You can always start with a free AWS security scan at $0. When you’re ready for deeper visibility, CloudWizard Pro is available as a subscription:
- Monthly Pro: $49.95/month
- Annual Pro: $39.95/month billed annually (save 20%)
Both Pro plans include the full security dashboard and compliance dashboard.
Both plans include the same Pro features. Monthly Pro gives you flexibility with month-to-month billing. Annual Pro lowers the effective monthly cost by 20% and is better for teams planning to use CloudWizard as part of their ongoing security and compliance workflow.
Yes. You can run the free scan, review the snapshot, and stop there if that’s all you need. Pro is only required if you want deeper dashboards, richer findings detail, compliance visibility, and ongoing posture management beyond the initial scan.
Pro subscriptions are handled securely through Stripe. Monthly plans renew each month and can be cancelled at any time; you keep access until the end of the current billing period. Annual plans are billed once per year and renew annually. You can manage or cancel your subscription from the billing portal inside CloudWizard.
Scan results are retained only for as long as needed to provide dashboards, reporting, and historical comparisons for your account. If you cancel Pro or want your data removed sooner, you can request deletion and we will remove associated scan data from our environment, subject to any legal or compliance obligations. You can also revoke the cross-account IAM role at any time so CloudWizard can no longer access your AWS account.
Testimonials
“CloudWizard completely transformed the way we manage AWS at Big Purple Phone. When we first engaged, our cloud architecture was inefficient and our security posture lacked the enterprise-level hardening we required. The dashboard immediately surfaced hidden waste and security gaps we hadn’t even realized were there. Beyond identifying issues, it gave us clarity on what to prioritize. We optimized infrastructure, tightened security controls, and built a scalable AWS foundation that now gives us full confidence in both our cloud spend and our security roadmap.”











