The compliance report shows a comprehensive picture of the scanned cloud account compliance status.


Compliance Programs

When scanning your organization's cloud accounts, results are matched to Default and Custom Compliance Programs to produce the Compliance Report. 

Each Compliance Program is divided into Controls which are in turn mapped to Aqua CSPM Plugins. Each control will then report the Plugin counts with the corresponding aggregated statuses for PASS, WARN, FAIL, or UNKW for unknown results.

Aqua CSPM supports the following Compliance Programs by Default

  1. PCI: The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store, or transmit credit card information maintain a secure environment.

  2. HIPAA: The Health Insurance Portability and Accountability Act of 1996 is United States legislation that provides data privacy and security provisions for safeguarding medical information.

  3. AWS Well-Architected Framework - Security: The Well-Architected Framework is a set of AWS-provided guidelines for ensuring cloud excellence across five pillars, including security.

  4. AWS CIS Benchmarks: CIS Amazon Web Services Foundations v1.2.0

  5. Azure CIS Benchmarks: CIS Microsoft Azure Foundations v1.1.0

  6. GCP CIS Benchmarks: CIS Google GCP Foundations v1.0.0

  7. General Data Protection Regulation (GDPR) EU: The GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. While primarily process-driven, there are a number of technical controls that can be followed.

  8. SOC 2 Type 2: SOC for Service Organizations, Trust Services Criteria - A type 2 report on management's description of a service organization's system and the suitability of the design and operating effectiveness of controls. (Currently in Preview only)

Additional Compliance Programs can be created and Scan Reports will automatically generate mapped results to match the program mapping. To create a Custom Compliance Program navigate to Compliance and then click on Create Program.

Compliance Report

  1. Go to Scans > Scan Reports

  2. Click on View Report for the desired cloud account

  3. Select Compliance in the top navigation area

  4. Select the Compliance Program of your preference to review the report

  5. Click on the Compliance Program Controls and Plugins to review the corresponding detailed compliance results analysis.

  6. Each compliance program's report can be exported as a PDF or CSV, just click on Export and select the desired option.

    Please see below an example of a PDF Export

Navigate to Scans > Scan Reports and select the Compliance option in the top navigation for a specific Scan Report.