A compliance program (e.g. PCI or HIPAA) has controls (e.g. “Ensure encryption is enabled”) which contain mappings to CSPM plugins (e.g. “EBS Volume Encryption Enabled”) which produce findings.
What is the difference between a compliance program, control, mapping, and finding Print
Modified on: Wed, 12 Aug, 2020 at 9:22 AM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.