Manage Your Security Compliance Posture

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

CSM Misconfigurations comes with more than 1,300 out-of-the-box compliance rules that evaluate the configuration of your cloud resources and identify potential misconfigurations. Each compliance rule maps to one or more controls within a compliance standard or industry benchmark. You can also create custom frameworks to define and measure compliance against your own cloud security baseline.

View your compliance posture

View a high-level overview of your compliance posture for each framework on the CSM Misconfigurations Compliance page. Click a framework to see a detailed report that gives you insight into how your configuration scores against the framework’s requirements and rules.

  • Star: Pin a framework to the top of your table.
  • Score: The posture score for the rules in the given framework.
  • Change: The difference in posture score over the chosen time range (defaults to 1 month). Hover to see details.
  • Failing Rules: All the rules failing in the framework. Hover for more details.
  • Resources Passing: Of all the resources evaluated by rules in the framework, the percentage of which pass all the rules in the framework.
  • Framework Overview: A detailed report that gives you insight into how you score against a framework’s requirements and rules.
  • Explore Resources: A filtered view of the Misconfigurations page that shows resources with misconfigurations for the selected framework.
  • Configure Rules: Customize how your environment is scanned and set notification targets by modifying the compliance rules for each framework.
The compliance reports section of the CSM Misconfigurations Compliance page provides a high-level overview of your compliance posture

Explore compliance framework reports

Compliance framework reports show which rules are failing in your environment, along with details about the misconfigured resources.

The summary at the top of the report shows the posture score, the top five most severe rule failures, and a detailed breakdown of the rules based on severity. You can also explore your past posture with the time selector, download a PDF or CSV copy of the report, and filter the page by account, team, service, and environment tags.

Below the summary is a complete listing of all rules associated with the framework, organized by default by requirements and controls, along with the number of resources checked by the rule, the percentage of failures, and the change in resources passing the rule over the chosen time period.

Search for a rule name to filter the list, or group by requirement, control, severity, resource type, or resource category to organize the list. You can also click a table column header to sort by that column within the group.

The CIS AWS compliance framework report provides details on critical rule failures

Select a rule to view details about the misconfigured resources, the rule description, its framework or industry benchmark mapping, and suggested remediation steps. Then, you can click a specific resource to get more details.

The compliance rule side panel includes information about the rule and resources with failed misconfigurations

Further reading

추가 유용한 문서, 링크 및 기사:

Getting started with CSM MisconfigurationsDOCUMENTATION more more Explore default CSM Misconfigurations cloud configuration compliance rulesDOCUMENTATION more more Search and explore misconfigurationsDOCUMENTATION more more
PREVIEWING: jen.gilbert/cdocs-build