Trend Micro experts constantly evaluate, assess, and adjust public cloud application reputation based on multiple criteria to ensure that customers always have the latest information.
 |
NoteA public cloud application's reputation indicates the level of maturity and security
compliance for the application and does not indicate that an application is malicious
or dangerous.
Public cloud app reputation scores range from good to moderate to poor. A lower reputation
score indicates a better overall reputation.
|
Trend Micro determines a public cloud application’s reputation based on:
-
Standards compliance (for example, CSA STAR level, ISO, NIST)
-
Security features (for example, multi-factor authentication, DoS protection)
-
Security headers (for example, x-frame-options, content-security-policy)
-
Security breaches or other events that may indicate a compromised service
In addition, Trend Micro evaluates reputation based on regulatory compliance with
the following standards and frameworks:
-
21 CFR (GxP)
-
C5 (Germany)
-
CJIS
-
COBIT
-
CS Gold Mark (Japan)
-
CSA STAR LEVEL 1: Self-Assessment
-
CSA STAR LEVEL 2: Attestation
-
CSA STAR LEVEL 2: Certification
-
CSA STAR LEVEL 3: Continuous Monitoring
-
Cyber Essentials Plus (UK)
-
DoD IL2
-
DoD IL4
-
DoD IL5
-
DoD IL6
-
EU Model Clauses
-
EU-US/Swiss-US Privacy Shield
-
FERPA
-
FFIEC
-
FINRA
-
FIPS 140-2
-
FISC (Japan)
-
FISMA
-
FedRAMP
-
GAAP
-
GDPR
-
GLBA
-
HIPAA/HITECH
-
HITRUST
-
ISAE 3402
-
ISO 20000
-
ISO 22301
-
ISO 27001
-
ISO 27017
-
ISO 27018
-
ISO 9001
-
ITAR
-
MPAA
-
My Number Act (Japan)
-
NEN-7510 (Netherlands)
-
NIST 800-171
-
NIST 800-53
-
NIST Cybersecurity Framework (CSF)
-
PCI DSS
-
SEC 17a-4
-
SOC 1
-
SOC 2
-
SOC 3
-
SOX
-
SSAE 16
-
SSAE 18
-
Safe Harbor
-
TISAX (EU)
-
TRUSTe
-
UK G-Cloud
-
UK NCSC Cloud Security Principles
-
VPAT / Section 508
-
WCAG 2.0/ISO 40500
-
xDTM