Views:

Continuously identify and monitor compliance violations across multiple cloud providers.

The Cloud Asset Compliance Violations screen displays the results of continuous monitoring conducted by Trend Cloud One - Conformity on your cloud assets. Monitoring of assets across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform reveals compliance violations and insights on your cloud security posture. This information enables you to continuously improve your security posture and reduce the likelihood of successful attacks.
There are two paths to accessing the Cloud Asset Compliance Violations screen:
  • Go to Attack Surface Risk ManagementExecutive Dashboard, click the Exposure Overview tab, and then click Details in the Cloud Asset Compliance Violations widget.
  • Go to Attack Surface Risk ManagementOperations Dashboard, click the System Configuration risk factor, and then click Compliance violations in the Cloud infrastructure configuration widget.
The following table outlines the actions you can perform on the Cloud Asset Compliance Violations screen.
Action
Description
Select a maximum of three compliance standards or frameworks.
The widget displays information about how your cloud infrastructure tracks against controls from these standards and frameworks.
Tip
Tip
If no violations are detected for an extended period, select other compliance standards and frameworks for monitoring.
View a summary of compliance violations.
The widget provides the following information for each selected compliance standard and framework:
  • Total number of compliance rules violated in the last 30 days
  • Number of compliance rules violated per day
View a detailed list of violated compliance rules.
Click View details to see the list, which includes rule names, rule severity levels, event counts, and other key information.
Click the event count for any compliance rule to see the list of events that are considered violations of that rule.
Expand any row to see the following information:
  • Standards and frameworks associated with that specific compliance rule
  • Remediation steps from a library of configuration best practices for cloud environments
You can filter list entries based on criteria such as standard/framework, rule severity, and cloud service provider.
Created dismissed rules
If you are unable to implement the best practices to comply with a standard or framework, you can create a dismissed rule to prevent the generation of more risk events for specific rules.
  • Rules: Select one or more rules and then click Create dismissed rule.
  • Events: Click any event count to open the event list. Select one or more rules and then click Create dismissed rule.