# Security Posture Score – Measure & Track Your AWS Risk
Your posture score is a single number that summarises the security health of your AWS environment based on your most recent scan. It gives you and your team a shared, at-a-glance measure of how much risk is present — and whether things are getting better or worse.
## What the score means
The score runs from 0 to 100. A lower score means fewer or less severe findings — a score of 0 would mean a completely clean scan.
| Score range | What it signals |
|---|---|
| 0 – 20 | Very low risk. Few findings, mostly low severity. |
| 21 – 40 | Low risk. Some issues to address but nothing critical. |
| 41 – 60 | Moderate risk. Mix of medium and high findings present. |
| 61 – 80 | High risk. Critical or high-severity findings unresolved. |
| 81 – 100 | Critical risk. Significant number of high/critical findings. |
Think of it as a risk score, not a grade — lower is better.
## What drives the score
The score is calculated from the findings in your most recent completed scan. Severity weighs heavily:
- Critical findings contribute the most to the score
- High findings contribute significantly
- Medium findings have moderate weight
- Low findings have minimal impact
- Informational findings do not affect the score
Resolving a critical finding drops your score more than resolving five low-severity ones.
## Score ceiling
Your score has a dynamic ceiling that adjusts based on your environment. If TroveSec detects that your account has a high concentration of critical findings, the ceiling is lowered — meaning your score cannot reach 100 even if you resolve all low-severity findings. This prevents a false sense of cleanliness when serious issues remain.
The ceiling rises as critical and high findings are resolved.
## Trend direction
Each scan compares against the previous one and produces a trend:
- Improving — your score dropped since the last scan (fewer/lower severity findings)
- Declining — your score rose (new or worsened findings appeared)
- Stable — no meaningful change between scans
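The severity weighting, the risk bands and the trend rule described above, as an added worked example that is not TroveSec's own code: the weights, the saturation point and the "stable" tolerance are assumptions (TroveSec does not publish its formula), chosen only to preserve the ordering the page states, and the finding list is constructed for the demonstration.

```python
# Assumed severity weights (hypothetical; TroveSec's real formula is not published).
WEIGHTS = {"critical": 25, "high": 10, "medium": 3, "low": 1, "informational": 0}
SATURATION = 200  # assumed raw weight at which the risk score pins at 100
BANDS = [(20, "Very low risk"), (40, "Low risk"), (60, "Moderate risk"),
         (80, "High risk"), (100, "Critical risk")]


def scan(critical=0, high=0, medium=0, low=0, info=0):
    """Build a constructed finding list (ids F-1, F-2, ...) for the demonstration."""
    sevs = (["critical"] * critical + ["high"] * high + ["medium"] * medium
            + ["low"] * low + ["informational"] * info)
    return [{"id": f"F-{i}", "severity": s} for i, s in enumerate(sevs, 1)]


def posture_score(findings):
    """Weighted sum of findings mapped onto 0-100; lower is better, 0 is a clean scan."""
    raw = sum(WEIGHTS.get(f["severity"].lower(), 0) for f in findings)
    return min(100, 100 * raw // SATURATION)


def band(score):
    """Risk band from the page's table for a given score."""
    return next(label for upper, label in BANDS if score <= upper)


def trend(previous, current, tolerance=2):
    """Improving if the score fell, Declining if it rose, Stable for small moves."""
    if current < previous - tolerance:
        return "Improving"
    if current > previous + tolerance:
        return "Declining"
    return "Stable"


def top_risks(findings, n=5):
    """Finding ids ordered by how much resolving each one would lower the score."""
    weight = lambda f: WEIGHTS.get(f["severity"].lower(), 0)
    ranked = sorted((f for f in findings if weight(f) > 0), key=weight, reverse=True)
    return [f["id"] for f in ranked[:n]]


def resolve(findings, ids):
    """Return the findings that remain after the given ids are fixed."""
    return [f for f in findings if f["id"] not in set(ids)]


if __name__ == "__main__":
    last = scan(critical=2, high=3, medium=4, low=12, info=5)
    s0 = posture_score(last)
    print(s0, band(s0))                                   # 52 Moderate risk
    after_critical = posture_score(resolve(last, top_risks(last, 1)))
    print(after_critical, trend(s0, after_critical))      # 39 Improving
    five_lows = [f["id"] for f in last if f["severity"] == "low"][:5]
    after_lows = posture_score(resolve(last, five_lows))
    print(after_lows, trend(s0, after_lows))              # 49 Improving
```

Resolving the single critical finding moves the constructed score from 52 to 39, while resolving five low-severity findings only moves it to 49, which is the ordering the page describes.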
## Asking Claude about your score
Use `get_posture_score` to get the current snapshot, and `get_posture_trend` to see how it has moved over time.
Score queries
- “What’s my posture score?”
- “How is my security trending?”
- “Am I improving?”
- “What’s driving my score up?”
Trend queries
- “Show me my score over the last 30 days”
- “How has our posture changed since we started the remediation project?”
- “Plot my score history for the last quarter”
- “When was our score at its worst?”
## Improving your score
The fastest way to improve your score is to resolve your highest-severity findings first. Ask Claude:
- “What should I fix to improve my score the most?”
- “Give me a remediation plan focused on critical issues”
- “What are the top 5 things driving my score?”
Claude will use `get_top_risks_by_impact` and `get_remediation_plan` to give you a prioritised, actionable list — not just a sorted dump.
## Score vs compliance
A low posture score does not mean you pass a compliance audit, and a high score does not mean you fail one. For compliance readiness specifically, use `get_soc2_gaps` — it maps your findings directly to SOC2 trust service criteria regardless of their impact on your score.
- “Am I ready for SOC2 even with this score?”
- “What are my SOC2 gaps?”