Trend Vision One™ – Cloud Posture provides a number of tools to
help organizations quickly assess their infrastructure’s compliance posture against
various compliance standards and frameworks:
Compliance tools:
Procedure
- Standard and Framework checks report - view how your organization’s infrastructure is tracking against rules filter by various Standards and Frameworks
- Compliance and Cloud Posture Reports - view and download a report assessing how your cloud infrastructure security and governance posture is tracking against controls from various Standards and Frameworks.
- Compliance Excel Report - Downloadable Excel report of your infrastructure’s compliance posture.
- Compliance Score – health metric of your cloud infrastructure measured against Cloud Posture’s entire 750+ rule set.
What to do next
Supported Standards and Frameworks 
Cloud Posture currently offers reports
for the following standards and frameworks. Each standard or framework is made
up of controls that specify security and governance requirements. Cloud Posture
rules are
mapped to these controls and the resulting checks can
be filtered to display only the rules relevant to a particular
standard or framework.
|
Standard or Framework
|
|||
|
AWS Well Architected Framework
|
 |
|
|
|
Azure Well Architected
|
|
|
|
|
(NIST) 800-53 (Rev.4)
|
|
|
|
|
(NIST) 800-53 (Rev.5)
|
|
|
|
|
Payment Card Industry Data Security Standard (PCI
DSS)V3.2.1
|
|
||
|
Health Insurance Portability and Accountability Act of 1996
(HIPAA) 45cfr164
|
|
||
|
General Data Protection Regulation (GDPR)
|
|
||
|
Australian Prudential Regulation Authority (APRA) CPS 234
|
|
||
|
Monetary Authority of Singapore Technology Risk Management
Guidelines (MAS TRM) 2021
|
|
|
|
|
NIST Cyber Security Framework v1.1
|
|
||
|
System and Organization Controls (SOC 2)
|
|
||
|
ISO 27001 Ed2 2013
|
|
||
|
AusGov ISM 2020
|
|
||
|
ASAE 3150 Security of CDR Data
|
|
|
|
|
HITRUST CSF v9.3
|
|
||
|
FEDRAMP Rev4
|
|
||
|
NIS Europe OES-2019
|
|
||
|
FISC Security v9
|
|
||
|
LGPD Brazil
|
|
||
|
The Centre of Internet Security (CIS) Benchmarks for Amazon
Web Services Foundations v1.5.0
|
|
|
|
|
The Centre of Internet Security (CIS) Microsoft Azure
Foundations Benchmark v1.5.0
|
|
|
|
|
ISO 27001:2022
|
|
Standard and Framework checks report
Procedure
- Open All
checks report
- Select View by Rule or by Resource
- Expand Filter checks
- Check a standard or framework in Standards & Frameworks.
For Example: Monetary Authority of Singapore
TRMWe currently support the following Standards & Framework filters:
-
AWS Well Architected Framework
-
Azure Well Architected
-
NIST 800-53 (Rev. 4)
-
NIST 800-53 (Rev. 5)
-
PCI DSS v3.2.1
-
HIPAA 45cfr164
-
ASAE 3150 Security of CDR Data
-
GDPR
-
APRA CPS 234
-
Monetary Authority of Singapore (MAS) TRM 2021
-
System and Organization Controls 2 (SOC2)
-
NIST Cyberscecurity Framework v1.1
-
ISO 27001 Ed2 2013
-
AusGov ISM 2020
-
HITRUST CSF v9.3
-
FEDRAMP Rev 4
-
NIS Europe OES-2019
-
FISC Security v9
-
LGPD (Brazil)
-
CIS Benchmarks for Amazon Web Services Foundations v1.5.0
-
CIS Microsoft Azure Foundations Benchmark v1.5.0
-
- Scroll down to the checks list, which will display the standard or
framework selected. Click on a rule to see the check result (success or
failure) against the rule for each resource. See Rules for
more info.
- [ Optional ] Download the result as a PDF or CSV report.
- Generate and download new Standard & Framework Checks results
- Click on Generate report
- Download previously generated reports from the history
- Expand Other reports from the Configured reports list
- Select either CSV or PDF format for the report
Note
Standard and Framework checks reports can also be downloaded from All Generated Reports list. To know more about standards in a particular Standard and Framework report, in most cases you will need to register with the standard from their website to be able to access a detailed PDF about the standards. - Generate and download new Standard & Framework Checks results
What to do next
Compliance Excel Report
A Compliance Excel Report is mapped in the same way as a Compliance & Cloud Posture
Reports however this report is available in XLS format. Currently
only supported for the following CIS AWS Foundations:
- The Centre of Internet Security (CIS) GCP Foundations Benchmark v1.2.0
- CIS Benchmarks for Amazon Web Services Foundations v1.5.0
- CIS Microsoft Azure Foundations Benchmark v1.5.0
- CIS Google Cloud Platform Foundations Benchmark v1.3.0
Example CIS AWS Foundations report
