{"id":2265,"date":"2026-06-01T11:43:52","date_gmt":"2026-06-01T09:43:52","guid":{"rendered":"https:\/\/www.digitalnisebeobrana.cz\/?page_id=2265"},"modified":"2026-06-01T12:11:00","modified_gmt":"2026-06-01T10:11:00","slug":"infra-audit","status":"publish","type":"page","link":"https:\/\/www.digitalnisebeobrana.cz\/en\/infra-audit\/","title":{"rendered":"Infra audit"},"content":{"rendered":"<h2><span class=\"ez-toc-section\" id=\"Infrastructure_Audit_Snapshot\"><\/span>Infrastructure Audit Snapshot<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\nA fixed-scope audit of a smaller infrastructure focused on security, privacy and operational risks.\n<\/p>\n<p>\nAre you unsure where your infrastructure is exposed, who has access to what, where your data goes, or whether your deployment process depends more on luck than on good operational practice?\n<\/p>\n<p>\nInfrastructure Audit Snapshot is a practical review of servers, accounts, repositories and deployment processes. The goal is not a formal certificate or a pile of generic recommendations, but a clear and usable output: what is actually risky, what should be fixed first and what you can do to run your systems more securely.\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Audit_scope\"><\/span>Audit scope<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\nThe package includes a review of a smaller infrastructure within a fixed scope:\n<\/p>\n<ul>\n<li>up to 3 Linux servers<\/li>\n<li>basic Docker, Docker Compose and self-hosted services setup<\/li>\n<li>one cloud account or hosting environment<\/li>\n<li>one GitHub\/GitLab organization or main repository<\/li>\n<li>CI\/CD pipeline and deployment process basics<\/li>\n<li>access rights, SSH, administrator accounts and MFA<\/li>\n<li>publicly exposed services, DNS, TLS, reverse proxy and open ports<\/li>\n<li>backups, restore procedures, updates, monitoring, logging and alerting<\/li>\n<li>handling of personal and sensitive data, telemetry and external services<\/li>\n<li>basic incident readiness<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"How_the_audit_works\"><\/span>How the audit works<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>first we confirm the audit scope, list of services and priorities<\/li>\n<li>the audit is performed with read-only access whenever possible and without unnecessary changes to production<\/li>\n<li>I review configurations, access rights, processes, exposed services and operational habits<\/li>\n<li>risks are ranked by impact and likelihood, not by how scary their names sound<\/li>\n<li>we go through the results together during the final consultation<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"What_you_receive\"><\/span>What you receive<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>a clear summary of the main risks for non-technical decision-making<\/li>\n<li>a technical list of findings ranked by priority<\/li>\n<li>specific remediation recommendations<\/li>\n<li>a proposal for quick fixes and longer-term operational improvements<\/li>\n<li>a distinction between real risks and issues that are not a priority in your situation<\/li>\n<li>a final consultation to discuss the audit results<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Typical_findings\"><\/span>Typical findings<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>poorly restricted SSH or administrator access<\/li>\n<li>overly broad permissions in cloud accounts or CI\/CD pipelines<\/li>\n<li>secrets stored in unsuitable places<\/li>\n<li>containers running with risky settings<\/li>\n<li>services exposed to the internet without a clear reason<\/li>\n<li>missing or untested backups<\/li>\n<li>insufficient logging and monitoring<\/li>\n<li>unnecessary sharing of data with external services<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Who_this_audit_is_for\"><\/span>Who this audit is for<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\nThis audit is suitable for small companies, non-profit projects, startups, web services, cryptocurrency projects and individuals who run their own infrastructure and want to know whether their servers, accounts and deployment processes make sense from a security perspective.\n<\/p>\n<p>\nIt is especially useful when the infrastructure has grown over time, has been configured by several different people, includes things that were set up in a hurry, or when you are preparing for a larger operational change, migration, investment, launch of a new service or a security requirement from a customer.\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Delivery\"><\/span>Delivery<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\nTypical delivery is within 7 business days after the scope is confirmed and access is provided.\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"What_this_audit_is_not\"><\/span>What this audit is not<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\nThis is not a formal certification, compliance audit or full penetration test unless we explicitly agree on that scope. It is a practical security and operations review of your infrastructure from the perspective of a security-focused sysadmin.\n<\/p>\n<p>\nIf your infrastructure is larger than the scope above, we can agree on an extended audit individually.\n<\/p>\n<p>\nThe result should be a usable plan: what to fix now, what to schedule for later and what does not need to be overthought.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Infrastructure Audit Snapshot A fixed-scope audit of a smaller infrastructure focused on security, privacy and operational risks. Are you unsure where your infrastructure is exposed, who has access to what, where your data goes, or whether your deployment process depends more on luck than on good operational practice? Infrastructure Audit Snapshot is a practical review &hellip;<br \/><a href=\"https:\/\/www.digitalnisebeobrana.cz\/en\/infra-audit\/\" class=\"more-link pen_button pen_element_default pen_icon_arrow_double\">Continue reading <span class=\"screen-reader-text\">Infra audit<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":2138,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_vp_format_video_url":"","_vp_image_focal_point":[],"footnotes":""},"class_list":["post-2265","page","type-page","status-publish","has-post-thumbnail","hentry"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"en","enabled_languages":["cs","en"],"languages":{"cs":{"title":true,"content":true,"excerpt":false},"en":{"title":true,"content":true,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Infra audit - DIGITAL SELF-DEFENSE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Infra audit - DIGITAL SELF-DEFENSE\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/\" \/>\n<meta property=\"og:site_name\" content=\"DIGITAL SELF-DEFENSE\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/digitalnisebeobrana\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-01T10:11:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2023\/10\/audit2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@sodomak\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/\",\"name\":\"Infra audit - DIGITAL SELF-DEFENSE\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/audit2.png\",\"datePublished\":\"2026-06-01T09:43:52+00:00\",\"dateModified\":\"2026-06-01T10:11:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/audit2.png\",\"contentUrl\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/audit2.png\",\"width\":1024,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/infra-audit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/digitalni-sebeobrana\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infra audit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/\",\"name\":\"DIGITAL SELF-DEFENSE\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\",\"name\":\"Milan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"contentUrl\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"width\":613,\"height\":73,\"caption\":\"Milan\"},\"logo\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\"},\"description\":\"Jmenuji se Milan P\u016flkr\u00e1bek, pamatuji si po\u010d\u00edta\u010de bez internetu, Internet bez Google a mobiln\u00ed komunikaci bez \u0161ifrov\u00e1n\u00ed. M\u00e1m za sebou v\u00edce ne\u017e dvacet let profesion\u00e1ln\u00ed praxe v IT, p\u0159edn\u00e1\u0161\u00edm a p\u00ed\u0161u \u010dl\u00e1nky o IT bezpe\u010dnosti, kryptom\u011bn\u00e1ch a nov\u00fdch technologi\u00edch. Od roku 2014 jsem sou\u010d\u00e1st\u00ed nezikov\u00e9 organizace Paraleln\u00ed Polis v Praze.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/digitalnisebeobrana\\\/\",\"https:\\\/\\\/x.com\\\/sodomak\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Infra audit - DIGITAL SELF-DEFENSE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/","og_locale":"en_US","og_type":"article","og_title":"Infra audit - DIGITAL SELF-DEFENSE","og_url":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/","og_site_name":"DIGITAL SELF-DEFENSE","article_publisher":"https:\/\/www.facebook.com\/digitalnisebeobrana\/","article_modified_time":"2026-06-01T10:11:00+00:00","og_image":[{"width":1024,"height":1024,"url":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2023\/10\/audit2.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@sodomak","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/","url":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/","name":"Infra audit - DIGITAL SELF-DEFENSE","isPartOf":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/#primaryimage"},"image":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2023\/10\/audit2.png","datePublished":"2026-06-01T09:43:52+00:00","dateModified":"2026-06-01T10:11:00+00:00","breadcrumb":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/#primaryimage","url":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2023\/10\/audit2.png","contentUrl":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2023\/10\/audit2.png","width":1024,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/www.digitalnisebeobrana.cz\/infra-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.digitalnisebeobrana.cz\/digitalni-sebeobrana\/"},{"@type":"ListItem","position":2,"name":"Infra audit"}]},{"@type":"WebSite","@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#website","url":"https:\/\/www.digitalnisebeobrana.cz\/en\/","name":"DIGITAL SELF-DEFENSE","description":"","publisher":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.digitalnisebeobrana.cz\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736","name":"Milan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","url":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","contentUrl":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","width":613,"height":73,"caption":"Milan"},"logo":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png"},"description":"Jmenuji se Milan P\u016flkr\u00e1bek, pamatuji si po\u010d\u00edta\u010de bez internetu, Internet bez Google a mobiln\u00ed komunikaci bez \u0161ifrov\u00e1n\u00ed. M\u00e1m za sebou v\u00edce ne\u017e dvacet let profesion\u00e1ln\u00ed praxe v IT, p\u0159edn\u00e1\u0161\u00edm a p\u00ed\u0161u \u010dl\u00e1nky o IT bezpe\u010dnosti, kryptom\u011bn\u00e1ch a nov\u00fdch technologi\u00edch. Od roku 2014 jsem sou\u010d\u00e1st\u00ed nezikov\u00e9 organizace Paraleln\u00ed Polis v Praze.","sameAs":["https:\/\/www.facebook.com\/digitalnisebeobrana\/","https:\/\/x.com\/sodomak"]}]}},"_links":{"self":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/pages\/2265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/comments?post=2265"}],"version-history":[{"count":7,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/pages\/2265\/revisions"}],"predecessor-version":[{"id":2295,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/pages\/2265\/revisions\/2295"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/media\/2138"}],"wp:attachment":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/media?parent=2265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}