We have expanded and updated our compliance bundles!

As security threats continue to evolve, we want to ensure that you are adhering to up-to-date compliance requirements and security best practices in the public cloud. As part of this commitment, we are constantly updating the compliance bundles included in our product.

We have made the following enhancements to our compliance module:

1. Added 5 new bundles for additional GCP and Azure coverage:

  • Azure CIS Foundations v. 1.0.0
  • Azure NIST 800-53 Rev 4
  • Azure PCI-DSS 3.2
  • Azure GDPR Readiness
  • GCP NIST 800-53 Rev 4
  • GCP PCI-DSS 3.2

2. Added new rules to include additional security guidelines

3. Updated some existing rule / bundle mappings, including the following bug fixes:

  • DFT-154 – Update Route53 hosted zone check
  • DFT-152 – Typo in PCI bundle (default’)
  • DFT-138 – Remove Security Group checks from S3 bundle

Customer Impact

1. Compliance score changes: Please note that depending on the bundle you use, you may see your compliance score go up or down. This is the result of the additional checks that we have added to our compliance bundles. We recommend that you review the new compliance score and results, and any failed rules.

As an example, you can see the old bundle validation results on the left. By passing 413 rules out of a total of 486 rules, a compliance score of 84.98% was achieved. On the right, you see the results of the new and updated bundle. This shows that out of a total of 1010 rules, 879 were passed, resulting in a compliance score of 87.03%.

2. New findings: You may see some new findings in Continuous Compliance scheduled reports. If you are sending the results / assessment history into a SIEM system, these findings / rules would be sent as well.

For additional information, please contact us at support@dome9.com