- 24 Mar 2022
- 2 Minutes to read
- Print
- DarkLight
- PDF
Cloud Asset Compliance Overview
- Updated on 24 Mar 2022
- 2 Minutes to read
- Print
- DarkLight
- PDF
Cloud Asset Compliance uses cloud configuration and asset data from cloud IAAS providers and compares those implementations against industry benchmarks and frameworks. These standards contain consensus best practices that can help safeguard systems against today’s evolving cyber threats, and are important for evaluating your organization’s cloud security posture.
Cloud Asset Compliance supports the following benchmarks:
- CIS Amazon Web Services Foundations benchmark. For additional information, see Securing Amazon Web Services on the CIS website.
- CIS Microsoft Azure Foundations benchmark. For additional information, see Securing Microsoft Azure on the CIS website.
- CIS Oracle Cloud Infrastructure Foundations benchmark. For additional information, see Securing Oracle Cloud on the CIS website.
- CIS Google Cloud Platform Foundations benchmark. For additional information, see Securing Google Cloud Platform on the CIS website.
Axonius is an official CIS product vendor.
Axonius Cloud Asset Compliance has satisfied the requirements of CIS Security Software Certification and has been awarded CIS Security Software Certification for the following CIS Benchmarks:
- CIS Benchmark for Amazon Web Services Foundations v1.4.0, Level 1
- CIS Benchmark for Amazon Web Services Foundations v1.4.0, Level 2
- CIS Benchmark for Amazon Web Services Foundations v1.3.0, Level 1
- CIS Benchmark for Amazon Web Services Foundations v1.3.0, Level 2
- CIS Benchmark for Amazon Web Services Foundations v1.2.0, Level 1 Profile
- CIS Benchmark for Amazon Web Services Foundations v1.2.0, Level 2 Profile
- CIS Benchmark for Microsoft Azure Foundations v1.1.0, Level 1
- CIS Benchmark for Microsoft Azure Foundations v1.1.0, Level 2
- CIS Benchmark for Google Cloud Platform Foundation v1.1.0, Level 1
- CIS Benchmark for Google Cloud Platform Foundation v1.1.0, Level 2
- CIS Benchmark for Oracle Cloud Infrastructure Foundations v1.0.0, Level 1
What is CIS? The Center for Internet Security (CIS) is a nonprofit with a mission to safeguard public and private organizations against cyber threats with a charter to:
- Identify, develop, validate, promote, and sustain best practice solutions for cyber defense
- Build and lead communities to enable an environment of trust in cyberspace
The CIS Controls® and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. The CIS Controls® are a prioritized set of 20 actions designed to protect an organization and data from known cyber attack vectors.
- The CIS Amazon Web Services Foundations Benchmark v1.4 consists of recommendation rules in 4 distinct categories:
- Identity and Access Management
- Logging
- Monitoring
- Networking
- The CIS Amazon Web Services Foundations Benchmark v1.3 consists of recommendation rules in 4 distinct categories:
- Identity and Access Management
- Logging
- Monitoring
- Networking
- The CIS Amazon Web Services Foundations Benchmark v1.2 consists of recommendation rules in 4 distinct categories:
- Identity and Access Management
- Logging
- Monitoring
- Networking
The CIS Google Cloud Platform Foundations Benchmark v1.1 consists of recommendation rules in 10 distinct categories:
- Identity and Access Management
- Logging and Monitoring
- Networking
- Virtual Machines
- Storage
- Cloud SQL Database Services
6.1 MySQL Database
6.2 PostgreSQL Database
6.3 SQL Server
7. BigQuery
- The CIS Microsoft Azure Foundations Benchmark v1.1 consists of recommendation rules in 10 distinct categories:
1. Identity and Access Management
2. Security Center
3. Storage Accounts
4. Database Services
5. Logging and Monitoring
5.1 Configuring Log Profile
5.2 Monitoring using Activity Log Alerts
6. Networking
7. Virtual Machines
8. Other Security Considerations
9. AppService
- The CIS Oracle Cloud Infrastructure Foundations Benchmark v1.0 consists of recommendation rules in 3 distinct categories:
1. Identity and Access Management
2. Networking
3. Logging and Monitoring