Coming soon

The GetBulwark audit, automated.

We're building a tool that connects to your Google Workspace via OAuth and runs the same 20-point security review GetBulwark does manually — fully automated, in under five minutes, no scheduling required.

While it's being built, the free manual audit covers every check the tool will automate — and adds a conversation about what the findings actually mean for your specific setup. Most clients find it more useful than a scan alone.

Book the free manual audit See all services
Security Scorer
acmeltd.co.uk · Scanned 2 min ago
164 /215
Identity & Access
Pass
Email Security
Review
Data Governance
Action
Device Management
Pass
MFA — 8/8 users compliant
DMARC — policy: none (not enforced)
External sharing — partially restricted
0 inactive accounts (>90 days)
PDF report ready — 4 pages · 20 controls explained
How it works

From connection to report in under five minutes

No technical knowledge required. No data is stored. Read-only access to your Admin Console.

Step 01

Connect via Google OAuth

Sign in with your Google Workspace admin account. Read-only access — the tool checks your settings but cannot change anything.

Step 02

20 controls run automatically

The same 20-point manual review GetBulwark runs manually for every client — MFA, email authentication, sharing controls, device management, and more.

Step 03

Scored report generated

A PDF scored out of 215. Every finding explained in plain English. Prioritised by risk so you know exactly what to fix first.

Step 04

Fix it yourself or ask GetBulwark

Use the report to fix things yourself, share it with your team, or book a call with GetBulwark to handle it. The report is yours regardless.

Step 05

Run it monthly

Security drifts over time. Run the scorer every month to catch new issues before they become incidents.

Step 06

Track progress over time

Each report is scored and dated. Watch your score improve month over month as you close the gaps the tool finds.

The audit

20 controls across four categories

The same framework used in every GetBulwark manual audit — now automated.

01MFA enforcement status for every user
02Password policy strength and expiry settings
03Admin role assignments and least-privilege review
04Inactive accounts — 90+ days dormant
05Less secure app access — disabled or not
06SPF record — exists, syntax, enforcement level
07DKIM — configured and passing
08DMARC — policy level and aggregate reporting
09Email forwarding rules and suspicious filters
10Gmail safety settings configuration
11External file sharing settings
12Shared Drive permissions and access levels
13Google Groups — external posting restrictions
14Marketplace app access and OAuth grants
15Data regions and storage compliance
16Mobile Device Management — enabled and configured
17Endpoint protection deployment status
18OS patch compliance across device fleet
19Screen lock and encryption enforcement
20Remote wipe capability confirmed
The difference

Manual audit vs Security Scorer

The tool doesn't replace a GetBulwark engagement — it gives you the information to know whether you need one.

Manual audit (free with GetBulwark)

  • 45-minute call with Callum
  • Contextual questions and follow-ups
  • Written PDF report within 48 hours
  • Verbal walkthrough of findings
  • Recommendation on next steps
  • Available now — no waitlist
  • Conversation catches what a scan misses

Security Scorer (automated tool)

  • Instant — results in under 5 minutes
  • Run any time, as often as you want
  • Same 20 controls, scored out of 215
  • PDF report generated automatically
  • Track progress month over month
  • No scheduling, no waiting
  • No contextual conversation

The manual audit is available now.

Free, no waitlist, covers every check the tool will automate — plus a conversation about what the findings actually mean for your specific setup.

Book your free manual audit See a sample report