Compliance
All accounts are scanned and checked against the most relevant Compliance benchmarks of the industry.
We support the following benchmarks:
- Amazon Web Services
- CIS AWS Foundations 1.5.0
- PCI DSS AWS 3.2.1
- NIST 800-53 rev4
- Microsoft Azure
- CIS Azure 1.3.1
- NIST 800-53 rev4
- Google Cloud Platform
- CIS GCP 1.3.0
- PCI DSS GCP 3.2.1
- NIST 800-53 rev4
You can view Compliance for each account by picking a Benchmark from the card:
Every benchmark has this view with summary graphs at the top and the rules at the bottom. You may change the date in the top right corner to access the Compliance dashboard for each version of your VSD.
Resource Status summarizes how many resources were assessed, and how many have passed and failed the checks. In this example, 19 out of 28 resources failed the controls.
Control Status summarizes how many checks were assessed, and how many passed and failed. In this example, 64% of the checks passed the control.
All checks have been classified with a Severity level. In this example, 37 rules have a "High" severity, 62 rules are "Medium" and only 1 is "Low".
Most benchmarks classify the rules under sections or categories. In this example, CIS 1.2 has 7 different sections. You can view each section and understand how many passed and failed.
All of the rules are classified under a section and have the following attributes:
- Status (Passed or Failed)
- Assessed (number of resources assessed)
- Pass (number of resources that passed and percentage)
- Fail (number of resources that failed and percentage)
- Severity (High, Medium or Low)
Clicking any rule will open a side panel with Findings, Information and Remediation.
In this example, the rule "GCP CIS 3.7 Ensure that RDP access is restricted from the internet" checked against 7 different resources, and only 1 didn't pass the control.
Click "Information" to know more about this rule, as well as getting references from the CSP.
Click "Remediation" to know the steps you would need to take to fix this and pass the check.
