CSPM Compliance Overview
Aqua CSPM offers compliance reports to match your cloud infrastructure scan results to industry standards and compliance controls.
Compliance reports include out-of-the-box (default) reports for many compliance programs; see the complete list below. Additionally, Aqua CSPM allows customers to build custom compliance reports that match their internal compliance policies and requirements.
Each compliance program is divided into controls, which are in turn mapped to Aqua CSPM plugins. Each control then reports the plugin counts with the corresponding aggregated statuses: PASS, WARN, FAIL, or UNKW (for unknown results).
Default Compliance Programs
The following compliance programs are supported by default:
- APRA 234 Standard
- AWS CIS Benchmarks
- AWS Well-Architected Framework - Security
- Azure CIS Benchmarks
- BAIT
- CCPA
- COPPA
- FedRAMP
- FERPA
- FISMA
- GCP CIS Benchmarks
- General Data Protection Regulation (GDPR) EU
- HIPAA
- HITRUST CSF
- ISO 27001
- ISO 27017
- ISO 27018
- LGPD
- MITRE AWS Attack Framework
- NIST 800-171
- NIST CSF
- NIST SP 800-53
- PCI Compliance
- SOC 2 Type 2
- SOC 3
- VAIT
See Generating Compliance Reports for more details.
Custom Compliance Programs
Aqua CSPM features the ability to create completely custom compliance programs that match your organization's requirements.
To learn more, see Custom Compliance Reports.