In a multi-cloud/hybrid-cloud environment, security controls have traditionally been focussed on reactive detection, leveraging traditional log sources and analytics. Using a programmatic approach to controls validation and using low effort high fidelity security signals you can expand your detection, reduce the attacker dwell time and improve the return on your controls investment. In addition it is valuable to leverage threat intelligence sources that are curated to your organisation and control environment. We will discuss how you can drive the controls maturity by leveraging some simple tools and processes.