The Well-Architected Framework is a set of AWS-provided guidelines for ensuring cloud excellence across five pillars, including security.
|Identity and Access Management||Identity and access management are key parts of an information security program, ensuring that only authorized and authenticated users are able to access your resources, and only in a manner that you intend.|
|Detective Controls||Detective controls are an essential part of governance frameworks and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts.|
|Infrastructure Protection||Infrastructure protection encompasses control methodologies, such as defense in depth, necessary to meet best practices and organizational or regulatory obligations.|
|Data Protection||Before architecting any system, foundational practices that influence security should be in place. These methods are important because they support objectives such as preventing financial loss or complying with regulatory obligations.|
|Incident Response||Even with extremely mature preventive and detective controls, your organization should still put processes in place to respond to and mitigate the potential impact of security incidents.|
To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.
Custom Compliance Programs
Aqua CSPM features the ability to create completely custom Compliance Programs that match your organization requirements.
To learn about creating a custom program click here.