Getting Started with Compliance Programs

Follow

Kion comes with jumpstarts for many common compliance programs, so you can quickly start applying permissions and deploying resources right out-of-the-box. In each jumpstart, in addition to the resources that monitor and enforce the controls within your environment, we provide individual responses for each compliance control within the selected program, detailing how Kion covers that control.

If you are building your own framework, we suggest using these programs and their included controls as references. They address many common cybersecurity issues that you should consider. You can also download our jumpstarts, then clone and edit the resources to suit your needs.

We also provide our own reference library, which includes many commonly used compliance resources. For more information, see Kion Managed Resources.

Included Compliance Programs

To download the resources for any of these programs, navigate to Compliance > Compliance Programs.

Each program jumpstart includes cloud rules, policies, templates, standards, and checks created by Kion to meet the requirements of the selected program. Once you have downloaded the jumpstart resources, simply apply the included cloud rule to implement the compliance checks.

This video shows an example of implementing a compliance jumpstart and an overview of the included resources.

Available Frameworks

You must be logged in to download attachments.

CIS

To use these resources, import the jumpstart, and apply the included cloud rule: CIS 1.2.0 (AWS).

CIS-Azure

To use these resources, import the jumpstart, and apply the included cloud rule: CIS Azure 1.3.0.

CMMC

To use these resources, import the jumpstart, and apply the included cloud rule: CMMC.

FedRAMP

To use these resources, import the jumpstart, and apply the included cloud rule: FEDRAMP.

HIPAA

To use these resources, import the jumpstart, and apply the included cloud rule: HIPAA.

ISO/IEC 27001:2013

To use these resources, import the jumpstart, and apply the included cloud rule: ISO IEC 27001.

NIST Cybersecurity Framework

To use these resources, import the jumpstart, and apply the included cloud rule: NIST CSF.

NIST 800-53 Revision 4

To use these resources, import the jumpstart, and apply the included cloud rule: NIST-800-53-Rev4.

NIST 800-171 Revision 2

To use these resources, import the jumpstart, and apply the included cloud rule: NIST-800-171-Rev2.

SOC 2

To use these resources, import the jumpstart, and apply the included cloud rule: SOC 2.

PCI DSS 3.2.1

To use these resources, import the jumpstart, and apply the included cloud rule: PCI DSS v3.2.1.

MITRE ATT&CK Framework

To use these resources, import the jumpstart from Settings > System Settings > Kion Managed Resources, and apply the included cloud rule: MITRE ATT&CK Framework.

NIST 800-53 Revision 5

To use these resources, import the jumpstart, and apply the included cloud rule: NIST-800-53-Rev4.

Kion AI Jumpstart

To use these resources, import the jumpstart, and apply the included cloud rule: Kion AI Jumpstart.

Kion Reference Library

The Kion reference library jumpstarts. This includes common AWS IAM policies, AWS CloudFormation templates, Azure ARM templates, Azure policies, Azure role definitions, Google Cloud compliance checks, Cloud rules, Compliance checks, Compliance standards. Reimporting this library does not duplicate resources.