
Security Posture Score – Measure & Track Your AWS Risk

Your posture score is a single number that summarises the security health of your AWS environment based on your most recent scan. It gives you and your team a shared, at-a-glance measure of how much risk is present — and whether things are getting better or worse.

The score runs from 0 to 100. A lower score means fewer or less severe findings — a score of 0 would mean a completely clean scan.

Score range   What it signals
0 – 20        Very low risk. Few findings, mostly low severity.
21 – 40       Low risk. Some issues to address but nothing critical.
41 – 60       Moderate risk. Mix of medium and high findings present.
61 – 80       High risk. Critical or high-severity findings unresolved.
81 – 100      Critical risk. Significant number of high/critical findings.

Think of it as a risk score, not a grade — lower is better.

The score is calculated from the findings in your most recent completed scan. Severity weighs heavily:

  • Critical findings contribute the most to the score
  • High findings contribute significantly
  • Medium findings have moderate weight
  • Low findings have minimal impact
  • Informational findings do not affect the score

Resolving a critical finding drops your score more than resolving five low-severity ones.

Your score has a dynamic ceiling that adjusts based on your environment. If TroveSec detects that your account has a high concentration of critical findings, the ceiling is lowered — meaning your score cannot reach 100 even if you resolved all low-severity findings. This prevents a false sense of cleanliness when serious issues remain.

The ceiling rises as critical and high findings are resolved.

Each scan compares against the previous one and produces a trend:

  • Improving — your score dropped since the last scan (fewer/lower severity findings)
  • Declining — your score rose (new or worsened findings appeared)
  • Stable — no meaningful change between scans

Use get_posture_score to get the current snapshot, and get_posture_trend to see how it has moved over time.

Score queries

  • “What’s my posture score?”
  • “How is my security trending?”
  • “Am I improving?”
  • “What’s driving my score up?”

Trend queries

  • “Show me my score over the last 30 days”
  • “How has our posture changed since we started the remediation project?”
  • “Plot my score history for the last quarter”
  • “When was our score at its worst?”

The fastest way to improve your score is to resolve your highest-severity findings first. Ask Claude:

  • “What should I fix to improve my score the most?”
  • “Give me a remediation plan focused on critical issues”
  • “What are the top 5 things driving my score?”

Claude will use get_top_risks_by_impact and get_remediation_plan to give you a prioritised, actionable list — not just a sorted dump.
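As an added worked example (not TroveSec's code, and not the output of its tools), the Python below implements the scoring rules described above: a severity-weighted score clamped to 0–100 where lower is better and informational findings weigh nothing, the five risk bands, the scan-to-scan trend with a "stable" threshold, and a fix-first ranking of the kind get_top_risks_by_impact and get_remediation_plan describe. The numeric weights, the stable threshold, and the two sample scans are assumptions constructed for illustration; the dynamic ceiling is not modelled.

```python
"""Posture score worked example: severity-weighted score (0-100, lower is
better), risk band, scan-to-scan trend, and fix-first ranking.
Weights, thresholds and sample findings are constructed for illustration;
they are not TroveSec's actual scoring model."""
from collections import defaultdict
from dataclasses import dataclass

# Assumed weights: the page only fixes the ordering
# critical > high > medium > low, informational = 0.
SEVERITY_WEIGHT = {"critical": 10, "high": 5, "medium": 2, "low": 1, "informational": 0}

# Severity order used when laying out a remediation plan (highest first).
SEVERITY_ORDER = ["critical", "high", "medium", "low"]

# Risk bands from the page: inclusive upper bound of each range and its label.
RISK_BANDS = [(20, "Very low risk"), (40, "Low risk"), (60, "Moderate risk"),
              (80, "High risk"), (100, "Critical risk")]

# Assumed: a score change smaller than this counts as "no meaningful change".
STABLE_THRESHOLD = 2


@dataclass(frozen=True)
class Finding:
    finding_id: str
    severity: str   # one of SEVERITY_WEIGHT's keys
    title: str


def posture_score(findings):
    """Sum the severity weights of all findings and clamp to 0..100.

    Informational findings weigh 0, so they never move the score."""
    weighted = sum(SEVERITY_WEIGHT[f.severity] for f in findings)
    return min(100, weighted)


def risk_band(score):
    """Map a 0-100 score onto the page's five risk bands."""
    if not 0 <= score <= 100:
        raise ValueError(f"score out of range: {score}")
    for upper, label in RISK_BANDS:
        if score <= upper:
            return label


def posture_trend(previous_score, current_score):
    """Compare two consecutive scans. Lower is better, so a drop is 'Improving'."""
    delta = current_score - previous_score
    if abs(delta) < STABLE_THRESHOLD:
        return "Stable"
    return "Improving" if delta < 0 else "Declining"


def top_risks_by_impact(findings, limit=5):
    """Rank findings by how many points resolving each one would remove.

    Impact is measured against the clamped score, so while the score is
    pinned at 100 a single finding can report 0 impact."""
    base = posture_score(findings)
    ranked = []
    for f in findings:
        remaining = [g for g in findings if g.finding_id != f.finding_id]
        ranked.append((base - posture_score(remaining), f))
    ranked.sort(key=lambda pair: (-pair[0], pair[1].finding_id))
    return ranked[:limit]


def remediation_plan(findings):
    """Group finding ids by severity, highest first; informational ones are omitted."""
    by_severity = defaultdict(list)
    for f in findings:
        if SEVERITY_WEIGHT[f.severity] > 0:
            by_severity[f.severity].append(f.finding_id)
    return [(sev, sorted(by_severity[sev])) for sev in SEVERITY_ORDER if by_severity[sev]]


# Constructed sample scans (not real TroveSec output).
PREVIOUS_SCAN = [
    Finding("F-001", "critical", "S3 bucket publicly readable"),
    Finding("F-002", "critical", "IAM user with AdministratorAccess and no MFA"),
    Finding("F-003", "high", "Security group allows 0.0.0.0/0 on port 22"),
    Finding("F-004", "medium", "CloudTrail log file validation disabled"),
    Finding("F-005", "medium", "EBS volume not encrypted"),
    Finding("F-006", "medium", "RDS instance not encrypted"),
    Finding("F-007", "low", "IAM password policy below 14 characters"),
    Finding("F-008", "low", "Unused access key older than 90 days"),
    Finding("F-009", "low", "Default VPC still present"),
    Finding("F-010", "low", "S3 bucket without lifecycle policy"),
    Finding("F-011", "informational", "Account has no alternate contacts"),
    Finding("F-012", "informational", "Unused security group"),
]
# Since the previous scan: F-002, F-009 and F-010 were resolved.
CURRENT_SCAN = [f for f in PREVIOUS_SCAN if f.finding_id not in {"F-002", "F-009", "F-010"}]

if __name__ == "__main__":
    prev, cur = posture_score(PREVIOUS_SCAN), posture_score(CURRENT_SCAN)
    print(f"previous {prev} ({risk_band(prev)}), current {cur} ({risk_band(cur)})")
    print("trend:", posture_trend(prev, cur))
    for impact, f in top_risks_by_impact(CURRENT_SCAN, limit=3):
        print(f"-{impact:>3} {f.finding_id} [{f.severity}] {f.title}")
    for sev, ids in remediation_plan(CURRENT_SCAN):
        print(sev, ids)
```

With these weights the previous scan scores 35 and the current one 23 (both "Low risk"), the trend is "Improving", and the single remaining critical finding tops the impact ranking at 10 points, more than the two remaining low findings combined, which is the "fix highest severity first" behaviour the text describes.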

A low posture score does not mean you pass a compliance audit, and a high score does not mean you fail one. For compliance readiness specifically, use get_soc2_gaps — it maps your findings directly to SOC2 trust service criteria regardless of their impact on your score.

  • “Am I ready for SOC2 even with this score?”
  • “What are my SOC2 gaps?”