Compliance Posture
Introduction
Cloud Compliance through the platform provides a policy management service that ensures that cloud services consumed are compliant with established standards and security practices. Centralized policy management is powered by declarative policy language which allows to define enterprise business logic as policies which can be scheduled or executed on demand to manage compliance of various cloud services and its resources.
The platform's compliance rules enable users to assess the security of their cloud infrastructure and applications using a cloud platform's native security assessment tools or third-party assessment tools. User operations teams can also review their consolidated compliance posture in a dashboard and take any necessary actions form there.
Cloud Compliance offered trough this platform is intended to help users meet the following objectives:
- Maintain compliance and configuration standards.
- Maintain security posture for the resources provisioned.
- Manage and activate policies to optimize resource utilization.
Compliance Posture Dashboard
To navigate to the Compliance Posture dashboard, go to the left navigation menu and select Compliance > Posture.
The Compliance Posture dashboard provides visibility on the following 5 aspects across all of your cloud accounts. The summary section provides the consolidated counts across all accounts and the grid provides account wise details.
- % Compliant: This indicates the percentage of resources available in the cloud accounts that are compliant with the standard.
- Total Controls: This indicates the total number of controls that are being utilized for enforcing the compliance standard.
- Total Violations: This indicates the total number of violations that are observed while assessing the cloud accounts for the compliance standard and needs to be addressed to enforce the compliance standard.
- Total Errors: This indicates the total number of errors that are observed while assessing the cloud accounts for the compliance standard and needs to be fixed in order to enforce the compliance standard.
- Total Success: This indicates the total number of successful assessments performed in the cloud accounts for the compliance standard.
Standard Level View
You can select the View (Eye icon) option in the grid against a specific compliance standard to view more details about the number of violations, errors, success, and standards that are yet to be assessed. You will be redirected to another tab where you can see:
- Toggle option between Standards and Services. Based on your selection you can view the details.
- Filters for Tenant, Service and Account. You can just choose different filter combinations in this view and get the details.
- Click Compliance > Posture > By Cloud.
4.Under Actions, click the eye icon.
This will take you to the Compliance Visibility page for the selected compliance standard.
- Click a resource.
- To see compliance policy for a specific standard, click By Policy and select the respective standard. For example, AC3 - Abstracted Cloud Compliance Controls.
- To see compliance policy for all standards, click By Policy and select all standards.
Updated about 1 month ago