The Well-Architected Framework is a set of AWS-provided guidelines for ensuring cloud excellence across five pillars, including security.


ControlDescription
Identity and Access ManagementIdentity and access management are key parts of an information security program, ensuring that only authorized and authenticated users are able to access your resources, and only in a manner that you intend.
Detective ControlsDetective controls are an essential part of governance frameworks and can be used to support a quality process, a legal or compliance obligation, and for threat identification and response efforts.
Infrastructure ProtectionInfrastructure protection encompasses control methodologies, such as defense in depth, necessary to meet best practices and organizational or regulatory obligations.
Data ProtectionBefore architecting any system, foundational practices that influence security should be in place. These methods are important because they support objectives such as preventing financial loss or complying with regulatory obligations.
Incident ResponseEven with extremely mature preventive and detective controls, your organization should still put processes in place to respond to and mitigate the potential impact of security incidents.


To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.


Custom Compliance Programs


Aqua CSPM features the ability to create completely custom Compliance Programs that match your organization requirements.


To learn about creating a custom program click here.