Launch Week Day 2: Ensure cloud compliance

Lars Kamp

Staying compliant is hard, especially in a dynamic cloud-native environment, where resource configurations can change all the time.

With Fix, you can now continuously assess your compliance posture across your cloud accounts and resources for the ISO 27001 and NIS2 compliance benchmarks. We're adding these two new benchmarks to our existing posture checks for the CIS Benchmark and the Security Pillar of the AWS Well-Architected Framework.

The two new benchmarks are included in our interactive heatmap. The heatmap provides a bird's-eye view of your compliance posture across all your cloud accounts. It's a simple but effective and intuitive way to monitor your compliance posture at scale, across different standards and business units. A mouse-over provides a per-account compliance score for each standard, with a breakdown of the issues found by level of criticality (critical, high, medium, low).

The heatmap is a top-down view of your compliance posture, and allows you to drill down from the score for a specific standard to the list of resources that fail a check.

With the list, you can access a resource-level assessment, with additional context on the risk, a short description of the remediation to fix the issue, and a link ("more info") to the detailed documentation on the cloud provider's website. Customers have also told us that they like to customize their security checks. Each assessment provides the option to mute an alert for a specific resource by clicking on "ignore", or even mute the check for all resources, with the "ignore all" button.

Next to the heatmap, we're also introducing a benchmark detail view, where you can see the individual controls for a benchmark, and the resources affected.

All our benchmarks are open source, and so are the individual checks, meaning you have full visibility into how Fix collects data and performs the check.

Finally, our benchmarks integrate with Alerts, which allow you to pick benchmarks and levels of criticality for which you want to receive alerts in your favorite messaging tool.

These two benchmarks currently support AWS and are only the start. We're working on launching more benchmarks across all clouds, so that you can stay compliant no matter where your workloads are running. Multi-cloud inventory, which we announced yesterday, is the foundation for these multi-cloud security checks.

If you haven't tried our compliance heatmap yet, head over to the Fix docs to see how to get started and run your first compliance check.


This blog post is part of our Launch Week 1 announcements running from July 29th to August 2nd.
