17min

Compliance at a glance

Cloud Compliance at AutoCloud is the place for seeing the big picture of your compliance posture.

Compliance Dashboard

Click "Compliance" in the left-hand panel, and view Compliance benchmarks for each Visual Service Discovery. Note that if the cards are empty, first you need to connect your environment, and come back to Compliance after the first crawl.

Document image

Customize the view

These cards are per VSD, and can be customized with your favorite compliance check summaries. Click on the right corner of the card to access customization:

Document image

You can choose up to 3 compliance check summaries. Once you are ready click "Save".

Document image

Visualizing Compliance

Click on any "check summary" to access the detailed view of the Benchmark of the Visual Service Discovery. This view has graphs at the top and the rules at the bottom. You may change the date in the top right corner to access the Compliance dashboard for each version of your VSD.

Document image

Resource Status

Resource Status summarizes how many resources were assessed, and how many have passed and failed the checks. In this example, 19 out of 28 resources failed the controls.

Document image

Control Status

Control Status summarizes how many checks were assessed, and how many passed and failed. In this example, 64% of the checks passed the control.

Document image

Resource Failure Severity

All checks have been classified with a Severity level. In this example, 37 rules have a "High" severity, 62 rules are "Medium" and only 1 is "Low".

Document image

Resource Failure by Section

Most benchmarks classify the rules under sections or categories. In this example, CIS 1.2 has 7 different sections. You can view each section and understand how many passed and failed.

Document image

The rules table

All of the rules are classified under a section and have the following attributes:

  • Status (Passed or Failed)
  • Assessed (number of resources assessed)
  • Pass (number of resources that passed and percentage)
  • Fail (number of resources that failed and percentage)
  • Severity (High, Medium or Low)
Document image

Findings, Information and Remediation

Clicking any rule will open a side panel with Findings, Information and Remediation.

In this example, the rule "GCP CIS 3.7 Ensure that RDP access is restricted from the internet" checked against 7 different resources, and only 1 didn't pass the control.

Document image

Click "Information" to know more about this rule, as well as getting references from the CSP.

Document image

Click "Remediation" to know the steps you would need to take to fix this and pass the check.

Document image

Compliance in your Service Discoveries

You may also access the Compliance Dashboard and view one particular benchmark in the account of your choice:

Document image

In this case, I've selected PCI:

Document image