Views:
The Compliance and Cloud Posture Report scores your cloud infrastructure as PASS or FAIL for each control within supported Standards and Frameworks.
  • All controls are organized into sections and headers that map to those within the Standards and Frameworks itself as set by the standard or framework authority.
  • The report comes with % pass and % fail scores based on the total checks that have passed and failed for Trend Vision One™ – Cloud Posture rules mapped to the standard or framework controls.
  • Using the report, you can get an instant assessment of your organization’s cloud infrastructure compliance, and accordingly, take remediation measures to improve compliance levels, thereby potentially avoiding non-compliance reactive fixes and expenditures.

What is a control?

A control is the passable element of a standard or framework that can be determined to PASS, FAIL, or be otherwise assessed.

How is PASS or FAIL determined for each control?

Each Cloud Posture rule that is applicable to control within the selected standard or framework is run against your selected account(s) and Checks are sent back and totaled as PASS or FAIL for each control.
Supported Standards and Frameworks:
  1. AWS Well-Architected Framework
  2. CIS AWS Foundations v1.2.0
  3. NIST 800-53 (Rev. 4)
  4. PCI DSS
  5. HIPAA
  6. GDPR
  7. Monetary Authority of Singapore TRM
  8. System and Organization Controls 2 (SOC 2)
  9. IST Cybersecurity Framework v1.1
  10. ASAE 3150 Security of CDR Data
  11. PCI DSS v3.2.1
  12. APRA CPS 234 June 2019

Compliance and Cloud Posture Report Layout

In the Compliance and Cloud Posture Report, the grouping of the controls is defined by the control family. Cloud Posture interprets the standards and frameworks and map rules to each control and control family. Each rule has a pre-existing category assigned to it based on an assessment of which pillar of the AWS Well-Architected framework a rule belongs to. These pillars may or may not align with the categorizations used by a framework or standard Cloud Posture audits against.
all-checks-updated=b3378b4c-9251-41a8-8e0d-64b9f5afd38d.png

Improve your organization's compliance

Clicking on the Resolve button against the failed Checks will direct you to the related rule and remediation steps on the Cloud Posture Knowledge Base, which provides a step-by-step guide on how to resolve the failure.
You also have the following options on clicking the expand button on a rule:
  1. Send rule to
  2. Configure rule
  3. Suppress
  4. Create tickets depending on communication channels configured

Customize and Download your Compliance and Cloud Posture Report

  1. You can create customized views of the rules and checks on your All accounts, Individual accounts, or Groups using filters.
    • !!! note "" Some controls might return 0 checks i.e. 0 under Total Counts columns because
      • You have selected a filter that excludes services, rules, or checks that map to that specific control
      • Or, you do not have access to applicable services for rules within the control
      • Or controls that aren't applicable to cloud infrastructure or immeasurable by Cloud Posture will not have any rules
  2. Download the report result
    1. Click on Generate report to generate and download Compliance and Cloud Posture report
      generate-compliance-conformity-report-fhzpwd=d7051a01-d81a-40d7-a818-7df0788d8514.png
      {.zoom}
  3. Download previously generated reports from the history
    1. Click to expand Other reports from the Configured reports list
    2. Select either CSV or PDF format to download
    Compliance and Cloud Posture Reports can also be downloaded from_ the [_All Generated Reports_](generate-download-report.xml#all-generated-reports) list
    {: .note }