For this example, let’s focus on the production environment. In this case, of course, CIS AWS Benchmark 2.0.0.įrom there, we can select the specific cloud or clouds we want to scan.Īnd because we’ve got our badging and tagging strategies in order (right…….RIGHT?!) we can hone in even further. First, from the Compliance Summary page you’ll want to select your desired benchmark. ![]() Once you’re up and running, scoping your compliance assessment to a specific pack is as easy as 4 clicks. If you’re not yet using InsightCloudSec today, be sure to check out the docs pages here, which will guide you through getting started with the platform. How does ICS help me implement this in my environment?Īvailable as a compliance pack within InsightCloudSec right out-of-the-box, Rapid7 makes it easy for teams to scan their AWS environments for compliance against the recommendations and controls outlined in the CIS AWS Benchmark. So, if you’ve got some buckets that have been kicking around for a while, make sure they are employing encryption-at-rest and that it can not be inadvertently turned off at some point down the line.Īlong with these changes, CIS also made a few minor changes related to the wording in some of the benchmark titles and descriptions. It’s important to note that this only applies to newly created S3 buckets. This recommendation was removed because AWS now encrypts all new objects by default as of January 2023.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |