Compliance Dashboard

The Compliance dashboard gives a summary of the resources that are compliant with security standards.

Compliance Overview outlines the overall health of your resources by showing how far they comply with the standards. It shows a hollow chart with the comprehensive sum of rules and resources.

A Rule is a compliance standard. Rules are mapped to resources, the resources are examined against those standards, and if they meet the specified criteria the rule is passed.

Each rule comprises different signatures, so if a signature fails, the rule fails.

Each signature can have multiple resources (pass and fail).

Security Groups

Security groups ensure the security of your cloud assets.

Each widget comprises a grouped collection of network instances such as:

  1. Performance

Performance deals with best-practice signatures such as "Identify S3 Bucket have no Global GET Permissions".

  2. Monitoring

Monitoring deals with the signatures that monitor events, such as "Check if CloudWatch event service is in use".

  3. IAM

This security group deals with the risks related to user permissions, such as "Check if IAM password policy prevents password reuse".

Regulations represent widgets of reports. Each widget shows a short compliance summary of a report, and each report contains a set of compliance rules mapped according to signatures.

Formula:

Compliance % = (Rules passed / (Rules passed + Rules failed)) * 100

Rules:

Rules are official statements from compliance reports.

For instance, there is a rule that says “Ensure all passwords are encrypted”, so this rule includes all the signatures that deal with password encryption.

Rules passed: If all the signatures in a rule are in compliance with the rule, the rule is passed.

Rules failed: If one or more signatures in a rule are non-compliant with the rule, the rule is failed.

Formula: (Rules passed / (Rules passed + Rules failed)) * 100

Compliance Standards shows how far your resources are in compliance with the security standards.

Let’s say you want to know how far your resources are in compliance with the CCPA regulation standards. Here, Compliant shows you the overall health of your resources.

Formula: (Pass / (Pass + Fail)) * 100

where:

Pass = Rules passed

Fail = Rules failed
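
The roll-up described under Rules and Compliance Standards (signatures decide whether a rule passes, and rules feed the percentage) can be sketched as follows. This is an added example, not the product's own code; the class and function names, the constructed rule names and resource counts, and the assumption that a single failing resource fails its signature are illustrative.

```python
from dataclasses import dataclass


@dataclass
class Signature:
    name: str
    passed_resources: int
    failed_resources: int

    @property
    def passed(self) -> bool:
        # Assumption (not stated on the page): one failing resource fails the signature.
        return self.failed_resources == 0


def rule_passed(signatures):
    """A rule passes only if every signature mapped to it passes."""
    return all(sig.passed for sig in signatures)


def compliance_percent(rules):
    """(Rules passed / (Rules passed + Rules failed)) * 100; None if no rules."""
    if not rules:
        return None  # nothing evaluated, so avoid dividing by zero
    passed = sum(1 for sigs in rules.values() if rule_passed(sigs))
    return passed / len(rules) * 100


def failing_signatures(rules):
    """Map each failed rule to the signatures that caused it to fail."""
    return {
        rule: [s.name for s in sigs if not s.passed]
        for rule, sigs in rules.items()
        if not rule_passed(sigs)
    }


# Constructed sample data: signature names come from the page, counts are made up.
SAMPLE_RULES = {
    "Ensure all passwords are encrypted": [
        Signature("Check if IAM password policy prevents password reuse", 3, 0),
    ],
    "Constructed rule A (storage access)": [
        Signature("Identify S3 Bucket have no Global GET Permissions", 5, 2),
        Signature("Constructed signature A2", 1, 0),
    ],
    "Constructed rule B (monitoring)": [
        Signature("Check if CloudWatch event service is in use", 1, 0),
    ],
    "Constructed rule C": [Signature("Constructed signature C1", 2, 0)],
}

if __name__ == "__main__":
    print(compliance_percent(SAMPLE_RULES))
    print(failing_signatures(SAMPLE_RULES))
```

Rule A fails even though five of its seven S3 resources pass and its second signature is clean, which is why the percentage counts rules rather than resources.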