Aqua CSPM offers Compliance reports out of the box to match your Cloud Infrastructure Scan Results to Industry Standards and Compliance Controls.

When scanning your organization's cloud accounts, results are matched to Default and Custom Compliance Programs to produce the desired Compliance Report. 


Each Compliance Program is divided into Controls, and each Control is mapped to one or more Aqua CSPM Plugins. Each Control then reports its Plugin counts broken down by aggregated status: PASS, WARN, FAIL, or UNKW (unknown results, for example a Plugin that produced no result).
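The mapping described above (Program to Controls to Plugins, with per-Control status counts) can be made concrete with a small roll-up. The following is an added example written for this page, not Aqua CSPM's own code; the program, control ids, plugin names and scan results are all constructed, and the severity ordering used to collapse a Plugin's many resource-level results into one status (FAIL over WARN over UNKW over PASS) is an assumption about how such a report might be built, not a statement about how the Aqua CSPM Console does it.

```javascript
// Added example (not Aqua CSPM's own code): roll scan results up into a
// per-Control compliance report with PASS / WARN / FAIL / UNKW plugin counts.

const STATUSES = ['PASS', 'WARN', 'FAIL', 'UNKW'];

// Assumption: when a Plugin has several resource-level results, the worst one wins.
// A result with an unrecognised status is treated as UNKW rather than ignored.
const SEVERITY = { PASS: 0, UNKW: 1, WARN: 2, FAIL: 3 };

// Hypothetical Compliance Program: control ids and plugin names are constructed
// for this example and are not Aqua CSPM's actual mappings.
const program = {
  name: 'Example CIS-style Checklist',
  controls: [
    { id: '1.1', title: 'Avoid use of the root account', plugins: ['rootAccountUsage'] },
    { id: '1.2', title: 'MFA enabled for privileged identities', plugins: ['iamMfaEnabled', 'rootMfaEnabled'] },
    { id: '2.1', title: 'Audit logging enabled in all regions', plugins: ['auditTrailEnabled'] },
  ],
};

// Constructed scan results, one per plugin/resource pair. Note that
// 'auditTrailEnabled' has no results at all (e.g. the plugin could not run);
// it must surface as UNKW instead of silently counting as a pass.
const scanResults = [
  { plugin: 'rootAccountUsage', resource: 'arn:aws:iam::000000000000:root', region: 'global', status: 'PASS' },
  { plugin: 'iamMfaEnabled', resource: 'alice', region: 'global', status: 'PASS' },
  { plugin: 'iamMfaEnabled', resource: 'bob', region: 'global', status: 'FAIL' },
  { plugin: 'rootMfaEnabled', resource: 'root', region: 'global', status: 'WARN' },
];

// Collapse a list of status strings into the single most severe status.
function worstOf(statuses) {
  if (statuses.length === 0) return 'UNKW';
  return statuses.reduce((worst, raw) => {
    const s = STATUSES.includes(raw) ? raw : 'UNKW';
    return SEVERITY[s] > SEVERITY[worst] ? s : worst;
  }, 'PASS');
}

// Aggregate one Plugin's resource-level results into one status.
function rollUpPlugin(results) {
  return worstOf(results.map(r => r.status));
}

// Build the per-Control report: plugin counts by status plus an overall status.
function buildComplianceReport(prog, results) {
  const byPlugin = new Map();
  for (const r of results) {
    if (!byPlugin.has(r.plugin)) byPlugin.set(r.plugin, []);
    byPlugin.get(r.plugin).push(r);
  }
  return prog.controls.map(control => {
    const counts = { PASS: 0, WARN: 0, FAIL: 0, UNKW: 0 };
    const pluginStatuses = {};
    for (const name of control.plugins) {
      const s = rollUpPlugin(byPlugin.get(name) || []);
      pluginStatuses[name] = s;
      counts[s] += 1;
    }
    return {
      id: control.id,
      title: control.title,
      counts,
      status: worstOf(Object.values(pluginStatuses)),
      pluginStatuses,
    };
  });
}

// Stand-alone run: print the report for the constructed program and results.
console.log(JSON.stringify(buildComplianceReport(program, scanResults), null, 2));
```

With the constructed data, Control 1.1 reports one PASS plugin, Control 1.2 reports one FAIL and one WARN plugin (so the Control as a whole is FAIL), and Control 2.1 reports one UNKW plugin because its only Plugin returned nothing. That last case is the one worth checking in any report you build yourself: a Plugin that never ran should never be counted as compliant.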


Default Compliance Programs

The following Compliance Programs are supported by Default:


PCI Compliance Checklist

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store, or transmit credit card information maintain a secure environment.


To learn more about the compliance checklist for this program click here.


HIPAA Compliance Checklist

The Health Insurance Portability and Accountability Act of 1996 is United States legislation that provides data privacy and security provisions for safeguarding medical information.


To learn more about the compliance checklist for this program click here.


AWS Well-Architected Framework - Security Checklist

The Well-Architected Framework is a set of AWS-provided guidelines for ensuring cloud excellence across five pillars, including security.


To learn more about the compliance checklist for this program click here.


AWS CIS Benchmarks Checklist

The CIS Amazon Web Services Foundations Benchmark v1.2.0 provides prescriptive guidance for configuring security options for a subset of Amazon Web Services, with an emphasis on foundational, testable, and architecture-agnostic settings.

Specific Amazon Web Services in scope include:


  • AWS Identity and Access Management (IAM)
  • AWS Config
  • AWS CloudTrail
  • AWS CloudWatch
  • AWS Simple Notification Service (SNS)
  • AWS Simple Storage Service (S3)
  • AWS VPC (Default)


To learn more about the compliance checklist for this program click here.


Azure CIS Benchmarks Checklist

The CIS Microsoft Azure Foundations Security Benchmark provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. The guide was tested against the listed Azure services as of Feb-2018. The scope of the benchmark is to establish a foundation level of security for anyone adopting Microsoft Azure Cloud. The benchmark is, however, not an exhaustive list of all possible security configurations and architectures. Treat it as a starting point and apply site-specific tailoring wherever it is needed and prudent to do so.


To learn more about the compliance checklist for this program click here.


GCP CIS Benchmarks Checklist

The CIS Google Cloud Platform Foundation Benchmark 1.1.0 covers foundational elements of Google Cloud Platform. The recommendations provided are important security considerations when designing infrastructure on Google Cloud Platform. Most of the recommendations provided with this release of the benchmark cover security considerations only at the individual project level and not at the Organization level.


To learn more about the compliance checklist for this program click here.


General Data Protection Regulation (GDPR) EU

The GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. While primarily process-driven, there are a number of technical controls that can be followed.


To learn more about the compliance checklist for this program click here.


SOC 2 Type 2

SOC for Service Organizations: Trust Services Criteria. A Type 2 report covers management's description of a service organization's system and the suitability of the design and operating effectiveness of its controls. This program is currently in Preview.


To learn more about the compliance checklist for this program click here.


To view the available Compliance Programs, visit Compliance in your Aqua CSPM Console and select Defaults or Custom to filter the programs displayed. You can also expand the control details of a program using the Expand Settings toggle.


Custom Compliance Programs

Aqua CSPM also lets you create completely custom Compliance Programs that match your organization's own requirements.


To learn about creating a custom program click here.