Compliance Dashboard

Compliance is one of the most important aspects of cloud governance. Most businesses must adhere to legal and industry requirements such as HIPAA, PCI-DSS, SOX and others. With CoreStack, ensuring cloud compliance is easier than ever before.

CoreStack’s Compliance Dashboard offers an in-depth view of the compliance status of your cloud accounts in a single pane. It displays security findings together with the corresponding recommendations, where these are available.

This dashboard is split into three sections: Tenant Based Summary, Non-Compliance and Cloud Specific Security Findings.

  1. Tenant Based Summary – An admin can view the compliance details of each tenant separately by selecting the tenant.
  2. Non-compliance – This section shows security findings as per the configurations set in the Policies section. For example, a company policy may forbid leaving port 22 (SSH) open to the internet; a resource that does so is reported as a non-compliant finding. If the port is meant to stay open, the user can skip the finding so that the rule is not applied to that resource and the finding does not show up again.
  3. Cloud Specific Security Findings – This section displays high-risk security findings reported by the cloud provider itself, for example a system running outdated software or missing patch updates. No recommendations are provided for these findings.

Tenant Based Summary


Non-compliance

Any cloud resources that are vulnerable, for example those with open ports, are listed in this section as findings under the appropriate category. There are many categories, for example security, cost optimization, standards, etc.

By Category

This pie chart shows the number of security findings per category. Click a category to list the findings under it.

To view recommendations for a specific security finding in the list, click View. This redirects you to a new tab with the Recommendations dashboard. Learn more about Recommendations.

Top 3 Accounts (Across Cloud Accounts)

This section displays a donut chart of the three accounts with the highest number of security findings. Click an account to view its list of security findings:

To view recommendations for a specific security finding in the list, click View. This redirects you to a new tab with the Recommendations dashboard. Learn more about Recommendations.

Compliance Posture

This is the last subsection in the Non-Compliance section. The Compliance Posture is a set of counters that display the:

  • Total number of security findings
  • Number of open findings – findings against which no action has yet been taken.
  • Number of resolved findings – a finding is considered resolved when its recommendation is revoked or deleted, that is, when any action other than skip is taken on it.
  • Number of acknowledged findings – a finding is considered acknowledged when its recommendation is skipped. The user acknowledges that it is a vulnerability, yet instructs the system to allow it, and the same finding is not logged again on the next scan. Skipping suppresses the report, not the underlying exposure, so acknowledged findings are worth reviewing periodically.
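The following is an added example, not CoreStack’s code, that shows how the non-compliance lifecycle described above (item 2 in the section list and the Compliance Posture counters) fits together: a policy scan turns violating resources into findings, the operator either skips (acknowledges) or fixes (resolves) each one, acknowledged findings are not logged again on the next scan, a resolved finding whose violation is still present is reopened, and the posture counters plus the by-category and top-accounts views are computed from the finding states. The policy names, the rule record layout and all sample rules are constructed for the example and are not any cloud provider’s API or CoreStack’s data model.

```python
"""Added example, not CoreStack's code: a toy policy scanner that turns
non-compliant cloud resources into findings, lets an operator skip
(acknowledge) or fix (resolve) them, stops re-logging acknowledged
findings on later scans, and computes the posture counters.
All policy names, field names and sample data here are constructed."""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_network

# Constructed inbound security-group rules in a hypothetical generic shape.
SAMPLE_RULES = [
    {"account": "prod-1", "group": "sg-web", "port": 22, "cidr": "0.0.0.0/0"},
    {"account": "prod-1", "group": "sg-db", "port": 3306, "cidr": "10.0.0.0/8"},
    {"account": "dev-2", "group": "sg-bastion", "port": 22, "cidr": "0.0.0.0/0"},
    {"account": "dev-2", "group": "sg-app", "port": 22, "cidr": "203.0.113.0/24"},
    {"account": "dev-2", "group": "sg-legacy", "port": 3389, "cidr": "0.0.0.0/0"},
]


def ssh_open_to_internet(rule):
    """Policy: inbound port 22 must not be reachable from every address (/0)."""
    return rule["port"] == 22 and ip_network(rule["cidr"]).prefixlen == 0


def rdp_open_to_internet(rule):
    """Policy: inbound port 3389 must not be reachable from every address (/0)."""
    return rule["port"] == 3389 and ip_network(rule["cidr"]).prefixlen == 0


# policy name -> (category, predicate that is True when the rule violates it)
POLICIES = {
    "no-public-ssh": ("Security", ssh_open_to_internet),
    "no-public-rdp": ("Security", rdp_open_to_internet),
}


@dataclass
class Finding:
    policy: str
    category: str
    account: str
    resource: str
    status: str = "open"      # open | resolved | acknowledged


class PolicyScanner:
    def __init__(self, policies):
        self.policies = policies
        self.findings = {}    # (policy, account, resource) -> Finding

    def scan(self, rules):
        """Evaluate every rule against every policy.

        A new violation opens a finding. A violation on a finding marked
        resolved reopens it (the fix did not hold). A violation on an
        acknowledged finding is deliberately not logged again."""
        for rule in rules:
            for name, (category, violates) in self.policies.items():
                if not violates(rule):
                    continue
                key = (name, rule["account"], rule["group"])
                current = self.findings.get(key)
                if current is None:
                    self.findings[key] = Finding(name, category,
                                                 rule["account"], rule["group"])
                elif current.status == "resolved":
                    current.status = "open"
        return self.posture()

    def skip(self, key):
        """Operator accepts the risk: the finding is acknowledged, not fixed."""
        self.findings[key].status = "acknowledged"

    def resolve(self, key):
        """Operator applied the recommendation (any action other than skip)."""
        self.findings[key].status = "resolved"

    def posture(self):
        counts = Counter(f.status for f in self.findings.values())
        return {"total": len(self.findings), "open": counts["open"],
                "resolved": counts["resolved"],
                "acknowledged": counts["acknowledged"]}

    def by_category(self):
        return dict(Counter(f.category for f in self.findings.values()
                            if f.status == "open"))

    def top_accounts(self, n=3):
        return Counter(f.account for f in self.findings.values()
                       if f.status == "open").most_common(n)


def demo():
    """Walk through a scan, two operator actions, and a rescan."""
    scanner = PolicyScanner(POLICIES)
    scanner.scan(SAMPLE_RULES)                                # 3 open findings
    scanner.skip(("no-public-ssh", "dev-2", "sg-bastion"))    # intentional bastion
    scanner.resolve(("no-public-ssh", "prod-1", "sg-web"))    # operator closed it
    # Rescan with nothing actually changed: prod-1 reopens, the bastion stays quiet.
    return scanner.scan(SAMPLE_RULES)


if __name__ == "__main__":
    print(demo())   # {'total': 3, 'open': 2, 'resolved': 0, 'acknowledged': 1}
```

The rescan at the end of `demo()` is the point of the example: resolving a finding without actually closing the port brings it straight back as open, while the skipped bastion never reappears, which is why the acknowledged counter deserves a periodic look.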

Cloud Specific Security Findings

These security findings are vulnerabilities that CoreStack picks up from the tagged cloud accounts.

Azure can be configured to identify security vulnerabilities in the system, for example suspicious packages installed on a VM, missing OS security updates, or a service that has breached its quota limit.

These findings are shown here in three groupings: by cloud account, by infrastructure, and by consortium such as NIST, CISA, FEDRAMP, CCE, etc.

Cloud Accounts

This pie chart shows the cloud accounts and the number of security findings for each of them.

Compliance Summary (Consortium Specific)

This section shows the number of security findings for consortiums such as NIST, CISA, FEDRAMP, CCE, etc. To view the list of security findings, click the number.

The list appears as shown:

Compliance Summary (Infrastructure Specific)

This area shows vulnerabilities specific to infrastructure resources, such as endpoint protection and security updates. Examples are OS security updates that have not been installed, or data that cannot be collected from a resource because its endpoint is not reachable (for instance, the resource group has been deleted).