Viewing Compliance Standards

Follow

Viewing Compliance Standards

Compliance > All Compliance Checks

A compliance standard groups together compliance checks. Compliance standards can align with established security guidelines, if desired. For example, you could have a NIST compliance standard containing compliance checks reviewing resources for alignment with NIST security guidelines.

On the Compliance Standards page, you can see all the compliance standards you have permission to view. Next to each standard , you can see a count of it's active and suppressed findings. Click on the findings badges to see a list of the findings. For more information, see What is a Finding?

Next to each standard, there is also an ellipsis menu with available actions.

  • View standard details page. Go to the standards's details page for information including the standard details, activity feed, findings, included checks, and projects and accounts where it is applied.

Compliance Standard Details: Overview Tab

Click the name of the compliance standard or View standard details page on the ellipsis menu to view its details page, including a tab menu for the standard. A More tab will display when there are more tabs than the screen can accommodate; you can click More to review the remaining menu options.

The Overview tab shows by default, which provides the following information:

Compliance Standard Name and Status

  • The name of the compliance standard is featured at the top of the screen.
  • A status badge will display if applicable. The Inactive badge will display if the compliance standard has no compliance checks applied to it.

Activity Feed

The activity feed shows all activity for the compliance standard, including the addition of compliance checks, application to a cloud rule, and editing the compliance standard's info. The user, date, and time are shown for all activities. You can search by keyword using the magnifying glass icon.

Compliance Standard Details: Findings Tab

Click the Findings tab to view the information about the findings involving this standard, including the account ID, the check severity, the compliance check name, the project name, the account name, the individual non-compliant resource, the region, and the date/time of the finding.

The ellipsis menu on the right of a finding will appear as a floating menu card, so you can use the menu without scrolling through all of the columns. Clicking the ellipsis menu gives you options for:

  • Cloud access - quickly access the cloud account where this finding occurred.
  • Archive - archive the finding.
  • Suppress - suppress the finding.
  • View metadata - view metadata for the finding. The metadata field accepts JSON to allow you to send additional data not captured by Kion. For example, you can include resolution information for the finding as a URL. If this option is not displayed, there is no metadata.

You can click on the check name, project name, or account name to visit the detail pages for those objects.

Compliance Standard Details: Compliance Checks Tab

Click the Compliance Checks tab to view information about the checks that are included in this standard. The section includes the check name, the number of findings (both active and suppressed), and the date/time of the last scan.

Compliance checks created from this screen will automatically be added to this compliance standard.

Ellipsis Menu

Clicking the ellipsis menu on the right of a check gives you the option to:

  • Resume - checks that fail three times due to an error with configuration or Cloud Custodian will be marked Suspended. The Resume menu option will reset the suspended status and resume scanning for this check.
  • Rescan - run the check again on demand.
  • Remove from standard - remove the check from this standard.
  • View check details page - view the details page for this check.

You can click on the check name to visit the detail page for the check.

The findings badges on this page are color coded to indicate the level of severity for the compliance check (which is also shown in the Severity column). The colors represent the following:

  • Gray: no findings. The check is compliant.
  • Maroon: non-compliant check with critical severity.
  • Red: non-compliant check with high severity.
  • Orange: non-compliant check with medium severity.
  • Yellow: non-compliant check with low severity.
  • Blue: non-compliant check with informational severity.
  • Slate: suppressed findings.
  • White (n/a): inactive. The check has not yet been applied to any standards, so it is not scanning for findings.

Since this page reflects findings by compliance check and severity is set at the check level, the numbers on the findings badges reflect the total number of findings at that severity level.

You can click on the findings badges to see a list of the findings.

Compliance Standard Details: Projects Tab

Click the Projects tab to view information about the projects to which this standard is applied, including the project name, the number of active and suppressed findings, and the date/time of the last scan.

Clicking the ellipsis menu on the right of a project gives you the option to: 

  • View findings - view findings for this project. Results will be limited to findings from the currently selected compliance standard.
  • View project details page - view the details page for this project.

You can click on the project name to view the project's detail page.

Compliance Standard Details: Cloud Rules Tab

Click the Cloud Rules tab to view all cloud rules where the compliance standard is applied.

You can click on a cloud rule's name to view its details page.

Compliance Standard Details: Accounts Tab

Click the Accounts tab to view the accounts where this check is applied, including the account name, account number, the number of active and suppressed findings, and the date/time of the last scan.

Clicking the ellipsis menu on the right of a standard gives you the option to:

  • Cloud Access. Log into the cloud console (if you have access to do so). Click this menu option, then click on the cloud access role you wish to use. You'll be taken directly to your console for AWS, Azure, or Google Cloud using the cloud access role you selected. For more information, see Logging in to a Cloud Provider Console with a Cloud Access Role
  • View findings. Brings up a list of findings for the selected account. For more information, see What is a Finding?
  • View account details page. Takes you to the account's details page. For more information, see Viewing Accounts.

 

Was this article helpful?
0 out of 0 found this helpful