Sample report. Every candidate and score below is fictional, shown to illustrate what employers receive. Real reports are private, per-assessment secret links.

Cloud Security Engineer — S3 & IAM Hardening

s3-misconfiguration-audit · Created Jul 2, 2026

Preliminary scoring. Objective correctness is verified now; quality, speed, process, reflection, and integrity signals are being finalized and will appear here shortly.
CandidateObjectivesCorrectnessTimeReflection
Priya S.6 / 6
100%
41 min
Ananya K.5 / 6
83%
52 min
Rahul M.4 / 6
67%
58 min
Vikram T.2 / 6
33%
60 min

Candidates are ranked by verified performance on a real, isolated AWS environment — not a quiz. Each row links to a full per-candidate breakdown (shown below).

Inside a candidate's report

Priya S.

Preliminary scoring. Objective correctness is verified now; quality, speed, process, reflection, and integrity signals are being finalized and will appear here shortly.
Correctness6 / 6
100%

Objectives

  • Public access blocked on all data buckets (account-level + per-bucket) Passed
  • Server-side encryption enforced (SSE-KMS) on the data bucket Passed
  • Bucket policy requires TLS (aws:SecureTransport) for all requests Passed
  • Over-broad s3:* on the pipeline IAM user replaced with least-privilege actions Passed
  • Access scoped to the specific bucket ARN (no Resource "*") Passed
  • Wildcard admin policy detached from the deployer role Passed

Written reflection

The data bucket was public and unencrypted, and the pipeline user had s3:* on all resources. I blocked public access at the account and bucket level, enforced SSE-KMS, and added a TLS-only bucket policy. For IAM, I replaced the wildcard with the five actions the pipeline actually uses, scoped to the bucket ARN, and detached the admin policy so a leaked key can't escalate.

AI reflection scoring: finalizing.

Other dimensions

Solution qualityFinalizing
SpeedFinalizing
ProcessFinalizing
IntegrityFinalizing

This is what you get for every candidate.

Send a link, the candidate solves a real cloud security task in an isolated AWS account, and you get a verified, side-by-side report. No résumé guesswork.

Book a walkthrough